{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T03:45:50Z","timestamp":1772163950132,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":37,"publisher":"ACM","license":[{"start":{"date-parts":[[2004,10,31]],"date-time":"2004-10-31T00:00:00Z","timestamp":1099180800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2004,10,31]]},"DOI":"10.1145\/1029894.1029913","type":"proceedings-article","created":{"date-parts":[[2005,1,30]],"date-time":"2005-01-30T12:55:16Z","timestamp":1107089716000},"page":"117-126","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":88,"title":["An efficient and backwards-compatible transformation to ensure memory safety of C programs"],"prefix":"10.1145","author":[{"given":"Wei","family":"Xu","sequence":"first","affiliation":[{"name":"Stony Brook University"}]},{"given":"Daniel C.","family":"DuVarney","sequence":"additional","affiliation":[{"name":"Stony Brook University"}]},{"given":"R.","family":"Sekar","sequence":"additional","affiliation":[{"name":"Stony Brook University"}]}],"member":"320","published-online":{"date-parts":[[2004,10,31]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"SPEC CINT Benchmark","author":"Anonymous","unstructured":"Anonymous . SPEC CINT Benchmark . Standard Performance Evaluation Corporation . http:\/\/www.specbench.org\/. Anonymous. SPEC CINT Benchmark. Standard Performance Evaluation Corporation. http:\/\/www.specbench.org\/."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/178243.178446"},{"key":"e_1_3_2_1_3_1","first-page":"45","volume-title":"USENIX Security Symposium","author":"Avijit K.","year":"2004","unstructured":"K. Avijit , P. Gupta , and D. Gupta . TIED, LibsafePlus: Tools for runtime buffer overflow protection . In USENIX Security Symposium , pages 45 -- 55 , 2004 . K. Avijit, P. Gupta, and D. Gupta. TIED, LibsafePlus: Tools for runtime buffer overflow protection. In USENIX Security Symposium, pages 45--55, 2004."},{"key":"e_1_3_2_1_4_1","first-page":"251","volume-title":"USENIX Annual Technical Conference","author":"Baratloo A.","year":"2000","unstructured":"A. Baratloo , N. Singh , and T. Tsai . Transparent run-time defense against stack smashing attacks . In USENIX Annual Technical Conference , pages 251 -- 262 , Berkeley, CA , June 2000 . A. Baratloo, N. Singh, and T. Tsai. Transparent run-time defense against stack smashing attacks. In USENIX Annual Technical Conference, pages 251--262, Berkeley, CA, June 2000."},{"key":"e_1_3_2_1_5_1","volume-title":"USENIX Security Symposium","author":"Bhatkar S.","year":"2003","unstructured":"S. Bhatkar , D. C. DuVarney , and R. Sekar . Address obfuscation: An efficient approach to combat a broad range of memory error exploits . In USENIX Security Symposium , Washington, DC , August 2003 . S. Bhatkar, D. C. DuVarney, and R. Sekar. Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In USENIX Security Symposium, Washington, DC, August 2003."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1002\/spe.4380180902"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/209936.209941"},{"key":"e_1_3_2_1_8_1","volume-title":"International Conference on Distributed Computing Systems (ICDCS)","author":"Chiueh T.","year":"2001","unstructured":"T. Chiueh and F. Hsu . RAD: A compile-time solution to buffer overflow attacks . In International Conference on Distributed Computing Systems (ICDCS) , April 2001 . T. Chiueh and F. Hsu. RAD: A compile-time solution to buffer overflow attacks. In International Conference on Distributed Computing Systems (ICDCS), April 2001."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/781131.781157"},{"key":"e_1_3_2_1_10_1","volume-title":"USENIX Security Symposium","author":"Cowan C.","year":"2001","unstructured":"C. Cowan , M. Barringer , S. Beattie , and G. Kroah-Hartman . Formatguard: Automatic protection from printf format string vulnerabilities . In USENIX Security Symposium , 2001 . C. Cowan, M. Barringer, S. Beattie, and G. Kroah-Hartman. Formatguard: Automatic protection from printf format string vulnerabilities. In USENIX Security Symposium, 2001."},{"key":"e_1_3_2_1_11_1","volume-title":"USENIX Security Symposium, Washington, D.C.","author":"Cowan C.","year":"2003","unstructured":"C. Cowan , S. Beattie , J. Johansen , and P. Wagle . Pointguard: Protecting pointers from buffer overflow vulnerabilities . In USENIX Security Symposium, Washington, D.C. , August 2003 . C. Cowan, S. Beattie, J. Johansen, and P. Wagle. Pointguard: Protecting pointers from buffer overflow vulnerabilities. In USENIX Security Symposium, Washington, D.C., August 2003."},{"key":"e_1_3_2_1_12_1","volume-title":"USENIX Security Symposium","author":"Cowan C.","year":"1998","unstructured":"C. Cowan , C. Pu , D. Maier , J. Walpole , P. Bakke , S. Beattie , A. Grier , P. Wagle , Q. Zhang , and H. Hinton . Automatic detection and prevention of buffer-overflow attacks . In USENIX Security Symposium , January 1998 . C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. Automatic detection and prevention of buffer-overflow attacks. In USENIX Security Symposium, January 1998."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/781131.781149"},{"key":"e_1_3_2_1_14_1","volume-title":"Published on World-Wide Web","author":"Etoh H.","year":"2000","unstructured":"H. Etoh and K. Yoda . Protecting from stack-smashing attacks . Published on World-Wide Web , June 2000 . H. Etoh and K. Yoda. Protecting from stack-smashing attacks. Published on World-Wide Web, June 2000."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/301618.301665"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948155"},{"key":"e_1_3_2_1_17_1","first-page":"125","volume-title":"Proceedings of the Winter USENIX Conference","author":"Hastings R.","year":"1992","unstructured":"R. Hastings and B. Joyce . Purify: Fast detection of memory leaks and access errors . In Proceedings of the Winter USENIX Conference , pages 125 -- 136 , 1992 . R. Hastings and B. Joyce. Purify: Fast detection of memory leaks and access errors. In Proceedings of the Winter USENIX Conference, pages 125--136, 1992."},{"key":"e_1_3_2_1_18_1","volume-title":"Network and Distributed System Security Symposium (NDSS)","author":"Haugh E.","year":"2003","unstructured":"E. Haugh and M. Bishop . Testing C programs for buffer overflow vulnerabilities . In Network and Distributed System Security Symposium (NDSS) , February 2003 . E. Haugh and M. Bishop. Testing C programs for buffer overflow vulnerabilities. In Network and Distributed System Security Symposium (NDSS), February 2003."},{"key":"e_1_3_2_1_19_1","volume-title":"USENIX Annual Technical Conference","author":"Jim T.","year":"2002","unstructured":"T. Jim , G. Morrisett , D. Grossman , M. Hicks , J. Cheney , and Y. Wang . Cyclone: A safe dialect of C . In USENIX Annual Technical Conference , June 2002 . T. Jim, G. Morrisett, D. Grossman, M. Hicks, J. Cheney, and Y. Wang. Cyclone: A safe dialect of C. In USENIX Annual Technical Conference, June 2002."},{"key":"e_1_3_2_1_20_1","first-page":"13","volume-title":"International Workshop on Automated and Algorithmic Debugging","author":"Jones R. W. M.","year":"1997","unstructured":"R. W. M. Jones and P. H. J. Kelly . Backwards-compatible bounds checking for arrays and pointers in c programs . In International Workshop on Automated and Algorithmic Debugging , pages 13 -- 26 , 1997 . R. W. M. Jones and P. H. J. Kelly. Backwards-compatible bounds checking for arrays and pointers in c programs. In International Workshop on Automated and Algorithmic Debugging, pages 13--26, 1997."},{"key":"e_1_3_2_1_21_1","first-page":"161","volume-title":"Proceedings of the Summer USENIX Conference","author":"Kaufer S.","year":"1988","unstructured":"S. Kaufer , R. Lopez , and S. Pratap . Saber-C: an interpreter-based programming environment for the C language . In Proceedings of the Summer USENIX Conference , pages 161 -- 171 , 1988 . S. Kaufer, R. Lopez, and S. Pratap. Saber-C: an interpreter-based programming environment for the C language. In Proceedings of the Summer USENIX Conference, pages 161--171, 1988."},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the USENIX Summer Conference, El","author":"Kendall S. C.","year":"1983","unstructured":"S. C. Kendall . Bcc : run--time checking for c programs . In Proceedings of the USENIX Summer Conference, El . Cerrito, California, USA , 1983 . USENIX Association. S. C. Kendall. Bcc: run--time checking for c programs. In Proceedings of the USENIX Summer Conference, El. Cerrito, California, USA, 1983. USENIX Association."},{"key":"e_1_3_2_1_23_1","first-page":"177","volume-title":"USENIX Security Symposium","author":"Larochelle D.","year":"2001","unstructured":"D. Larochelle and D. Evans . Statically detecting likely buffer overflow vulnerabilities . In USENIX Security Symposium , pages 177 -- 190 , 2001 . D. Larochelle and D. Evans. Statically detecting likely buffer overflow vulnerabilities. In USENIX Security Symposium, pages 177--190, 2001."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.5555\/645369.651280"},{"key":"e_1_3_2_1_25_1","first-page":"213","volume-title":"Conference on Compiler Construction","author":"McPeak S.","year":"2002","unstructured":"S. McPeak , G. C. Necula , S. P. Rahul , and W. Weimer . CIL: Intermediate language and tools for C program analysis and transformation . In Conference on Compiler Construction , pages 213 -- 228 , 2002 . S. McPeak, G. C. Necula, S. P. Rahul, and W. Weimer. CIL: Intermediate language and tools for C program analysis and transformation. In Conference on Compiler Construction, pages 213--228, 2002."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/503272.503286"},{"key":"e_1_3_2_1_27_1","first-page":"133","volume-title":"International Symposium on Software Security, number 2609 in LNCS","author":"Oiwa Y.","year":"2002","unstructured":"Y. Oiwa , T. Sekiguchi , E. Sumii , and A. Yonezawa . Fail-safe ansi-c compiler: An approach to making c programs secure (progress report) . In International Symposium on Software Security, number 2609 in LNCS , pages 133 -- 153 . Springer-Verlag , 2002 . Y. Oiwa, T. Sekiguchi, E. Sumii, and A. Yonezawa. Fail-safe ansi-c compiler: An approach to making c programs secure (progress report). In International Symposium on Software Security, number 2609 in LNCS, pages 133--153. Springer-Verlag, 2002."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1002\/(SICI)1097-024X(199701)27:1%3C87::AID-SPE78%3E3.0.CO;2-P"},{"key":"e_1_3_2_1_29_1","volume-title":"International Workshop on Automated and Algorithmic Debugging","author":"Patil H. G.","year":"1995","unstructured":"H. G. Patil and C. N. Fischer . Efficient run-time monitoring using shadow processing . In International Workshop on Automated and Algorithmic Debugging , 1995 . H. G. Patil and C. N. Fischer. Efficient run-time monitoring using shadow processing. In International Workshop on Automated and Algorithmic Debugging, 1995."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/349299.349325"},{"key":"e_1_3_2_1_31_1","first-page":"159","volume-title":"Network and Distributed System Security Symposium (NDSS)","author":"Ruwase O.","year":"2004","unstructured":"O. Ruwase and M. S. Lam . A practical dynamic buffer overflow detector . In Network and Distributed System Security Symposium (NDSS) , pages 159 -- 169 , February 2004 . O. Ruwase and M. S. Lam. A practical dynamic buffer overflow detector. In Network and Distributed System Security Symposium (NDSS), pages 159--169, February 2004."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/318773.318942"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1002\/spe.4380220403"},{"key":"e_1_3_2_1_34_1","first-page":"81","volume-title":"USENIX Security Symposium","author":"K.","year":"2002","unstructured":"K. suk Lhee and S. J. Chapin. Type-assisted dynamic buffer overflow detection . In USENIX Security Symposium , pages 81 -- 88 , 2002 . K. suk Lhee and S. J. Chapin. Type-assisted dynamic buffer overflow detection. In USENIX Security Symposium, pages 81--88, 2002."},{"key":"e_1_3_2_1_35_1","volume-title":"Network and Distributed System Security Symposium (NDSS)","author":"Wagner D.","year":"2000","unstructured":"D. Wagner , J. S. Foster , E. A. Brewer , and A. Aiken . A first step towards automated detection of buffer overrun vulnerabilities . In Network and Distributed System Security Symposium (NDSS) , 2000 . D. Wagner, J. S. Foster, E. A. Brewer, and A. Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Network and Distributed System Security Symposium (NDSS), 2000."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/940071.940115"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1145\/940071.940113"}],"event":{"name":"SIGSOFT04\/FSE-12: SIGSOFT 2004 -12th International Symposium on the Foundations of Software Engineering","location":"Newport Beach CA USA","acronym":"SIGSOFT04\/FSE-12","sponsor":["ACM Association for Computing Machinery","SIGSOFT ACM Special Interest Group on Software Engineering"]},"container-title":["Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1029894.1029913","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1029894.1029913","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T12:31:03Z","timestamp":1750249863000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1029894.1029913"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004,10,31]]},"references-count":37,"alternative-id":["10.1145\/1029894.1029913","10.1145\/1029894"],"URL":"https:\/\/doi.org\/10.1145\/1029894.1029913","relation":{"is-identical-to":[{"id-type":"doi","id":"10.1145\/1041685.1029913","asserted-by":"object"}]},"subject":[],"published":{"date-parts":[[2004,10,31]]},"assertion":[{"value":"2004-10-31","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}