Static Analysis of String Manipulations in Critical Embedded C Programs

Xavier Allamigeon (EADS CCR DCR/STI/C), Wenceslas Godard (EADS CCR DCR/STI/C) and Charles Hymans (EADS CCR DCR/STI/C)


This paper describes a new static analysis to show the absence of memory errors, especially string buffer overflows in C programs. The analysis is specifically designed for the subset of C that is found in critical embedded software. It is based on the theory of abstract interpretation and relies on an abstraction of stores that retains the length of string buffers. A transport structure allows to dynamically change the granularity of the abstraction and to concisely define several inherently complex abstract primitives such as destructive update and string copy. The analysis integrates several features of the C language such as multi-dimensional arrays, structures, pointers and function calls. A prototype implementation produces encouraging results in early experiments.