{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,10]],"date-time":"2025-09-10T22:41:38Z","timestamp":1757544098122,"version":"3.41.0"},"reference-count":16,"publisher":"Association for Computing Machinery (ACM)","issue":"12","license":[{"start":{"date-parts":[[2008,12,1]],"date-time":"2008-12-01T00:00:00Z","timestamp":1228089600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CNS-0347339CNS-0615211"],"award-info":[{"award-number":["CNS-0347339CNS-0615211"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Commun. ACM"],"published-print":{"date-parts":[[2008,12]]},"abstract":"<jats:p>Programs written in C and C++ are susceptible to memory errors, including buffer overflows and dangling pointers. These errors, which can lead to crashes, erroneous execution, and security vulnerabilities, are notoriously costly to repair. Tracking down their location in the source code is difficult, even when the full memory state of the program is available. Once the errors are finally found, fixing them remains challenging: even for critical security-sensitive bugs, the average time between initial reports and the issuance of a patch is nearly 1 month.<\/jats:p>\n          <jats:p>\n            We present Exterminator, a system that automatically corrects heap-based memory errors without programmer intervention. Exterminator exploits randomization to pinpoint errors with high precision. From this information, Exterminator derives\n            <jats:italic>runtime patches<\/jats:italic>\n            that fix these errors both in current and subsequent executions. In addition, Exterminator enables collaborative bug correction by merging patches generated by multiple users. We present analytical and empirical results that demonstrate Exterminator's effectiveness at detecting and correcting both injected and real faults.\n          <\/jats:p>","DOI":"10.1145\/1409360.1409382","type":"journal-article","created":{"date-parts":[[2008,12,3]],"date-time":"2008-12-03T21:56:04Z","timestamp":1228341364000},"page":"87-95","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":35,"title":["Exterminator"],"prefix":"10.1145","volume":"51","author":[{"given":"Gene","family":"Novark","sequence":"first","affiliation":[{"name":"University of Massachusetts, Amherst, MA"}]},{"given":"Emery D.","family":"Berger","sequence":"additional","affiliation":[{"name":"University of Massachusetts, Amherst, MA"}]},{"given":"Benjamin G.","family":"Zorn","sequence":"additional","affiliation":[{"name":"Microsoft Research, Redmond, WA"}]}],"member":"320","published-online":{"date-parts":[[2008,12]]},"reference":[{"doi-asserted-by":"publisher","key":"e_1_2_2_1_1","DOI":"10.1145\/178243.178446"},{"doi-asserted-by":"publisher","key":"e_1_2_2_2_1","DOI":"10.1145\/1062455.1062520"},{"doi-asserted-by":"publisher","key":"e_1_2_2_3_1","DOI":"10.1145\/1133981.1134000"},{"doi-asserted-by":"publisher","key":"e_1_2_2_5_1","DOI":"10.1145\/378795.378821"},{"doi-asserted-by":"publisher","key":"e_1_2_2_6_1","DOI":"10.1145\/1133981.1133999"},{"key":"e_1_2_2_7_1","volume-title":"Proceedings of the","author":"Hastings R.","year":"1992","unstructured":"Hastings , R. and Joyce , B . Purify: Fast detection of memory leaks and access errors . In Proceedings of the Winter 1992 USENIX Conference. USENIX , Jan. 1992, 125--138. Hastings, R. and Joyce, B. Purify: Fast detection of memory leaks and access errors. In Proceedings of the Winter 1992 USENIX Conference. USENIX, Jan. 1992, 125--138."},{"unstructured":"Lea D. A memory allocator http:\/\/gee.cs.oswego.edu\/dl\/html\/malloc.html 1997  Lea D. A memory allocator http:\/\/gee.cs.oswego.edu\/dl\/html\/malloc.html 1997","key":"e_1_2_2_8_1"},{"doi-asserted-by":"publisher","key":"e_1_2_2_9_1","DOI":"10.1145\/503272.503286"},{"doi-asserted-by":"publisher","key":"e_1_2_2_10_1","DOI":"10.1145\/1250734.1250746"},{"doi-asserted-by":"publisher","key":"e_1_2_2_11_1","DOI":"10.1145\/1250734.1250736"},{"doi-asserted-by":"publisher","key":"e_1_2_2_12_1","DOI":"10.1145\/1095810.1095833"},{"doi-asserted-by":"publisher","key":"e_1_2_2_13_1","DOI":"10.1109\/CSAC.2004.2"},{"key":"e_1_2_2_14_1","volume-title":"Sixth Symposium on Operating Systems Design and Implementation, USENIX","author":"Rinard M.","year":"2004","unstructured":"Rinard , M. , Cadar , C. , Dumitran , D. , Roy , D.M. , Leu , T. , and Beebee , W.S. Jr . Enhancing server availability and security through failure-oblivious computing . In Sixth Symposium on Operating Systems Design and Implementation, USENIX , Dec. 2004 . 303--316. Rinard, M., Cadar, C., Dumitran, D., Roy, D.M., Leu, T., and Beebee, W.S. Jr. Enhancing server availability and security through failure-oblivious computing. In Sixth Symposium on Operating Systems Design and Implementation, USENIX, Dec. 2004. 303--316."},{"doi-asserted-by":"publisher","key":"e_1_2_2_15_1","DOI":"10.1145\/232627.232633"},{"volume-title":"Performance Evaluation Corporation. SPEC2000","author":"Standard","unstructured":"Standard Performance Evaluation Corporation. SPEC2000 . http:\/\/www.spec.org Standard Performance Evaluation Corporation. SPEC2000. http:\/\/www.spec.org","key":"e_1_2_2_16_1"},{"unstructured":"Symantec. Internet security threat report. http:\/\/www.symantec.com\/enterprise\/threatreport\/index.jsp Sept. 2006.  Symantec. Internet security threat report. http:\/\/www.symantec.com\/enterprise\/threatreport\/index.jsp Sept. 2006.","key":"e_1_2_2_17_1"}],"container-title":["Communications of the ACM"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1409360.1409382","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1409360.1409382","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:29:52Z","timestamp":1750253392000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1409360.1409382"}},"subtitle":["Automatically correcting memory errors with high probability"],"short-title":[],"issued":{"date-parts":[[2008,12]]},"references-count":16,"journal-issue":{"issue":"12","published-print":{"date-parts":[[2008,12]]}},"alternative-id":["10.1145\/1409360.1409382"],"URL":"https:\/\/doi.org\/10.1145\/1409360.1409382","relation":{},"ISSN":["0001-0782","1557-7317"],"issn-type":[{"type":"print","value":"0001-0782"},{"type":"electronic","value":"1557-7317"}],"subject":[],"published":{"date-parts":[[2008,12]]},"assertion":[{"value":"2008-12-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}