{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,20]],"date-time":"2025-07-20T03:54:58Z","timestamp":1752983698825,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":45,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,10,24]],"date-time":"2016-10-24T00:00:00Z","timestamp":1477267200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100002347","name":"Bundesministerium f\u00fcr Bildung und Forschung","doi-asserted-by":"publisher","award":["16KIS0154K,16KIS0307"],"award-info":[{"award-number":["16KIS0154K,16KIS0307"]}],"id":[{"id":"10.13039\/501100002347","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001659","name":"Deutsche Forschungsgemeinschaft","doi-asserted-by":"publisher","award":["RI 2469\/1-1"],"award-info":[{"award-number":["RI 2469\/1-1"]}],"id":[{"id":"10.13039\/501100001659","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,10,24]]},"DOI":"10.1145\/2976749.2978403","type":"proceedings-article","created":{"date-parts":[[2016,10,25]],"date-time":"2016-10-25T12:46:35Z","timestamp":1477399595000},"page":"541-552","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["Twice the Bits, Twice the Trouble"],"prefix":"10.1145","author":[{"given":"Christian","family":"Wressnegger","sequence":"first","affiliation":[{"name":"TU Braunschweig, Braunschweig, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fabian","family":"Yamaguchi","sequence":"additional","affiliation":[{"name":"TU Braunschweig, Braunschweig, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Alwin","family":"Maier","sequence":"additional","affiliation":[{"name":"TU Braunschweig, Braunschweig, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Konrad","family":"Rieck","sequence":"additional","affiliation":[{"name":"TU Braunschweig, Braunschweig, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2016,10,24]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"H. S. Adiga. Porting linux applications to 64-bit systems. http:\/\/www.ibm.com\/developerworks\/linux\/library\/l-port64\/index.html 2006.  H. S. Adiga. Porting linux applications to 64-bit systems. http:\/\/www.ibm.com\/developerworks\/linux\/library\/l-port64\/index.html 2006."},{"key":"e_1_3_2_1_2_1","first-page":"143","volume-title":"Using programmer-written compiler extensions to catch security holes. In phProc. of IEEE Symposium on Security and Privacy","author":"Ashcraft K.","year":"2002","unstructured":"K. Ashcraft and D. Engler . Using programmer-written compiler extensions to catch security holes. In phProc. of IEEE Symposium on Security and Privacy , pages 143 -- 159 , 2002 . K. Ashcraft and D. Engler. Using programmer-written compiler extensions to catch security holes. In phProc. of IEEE Symposium on Security and Privacy, pages 143--159, 2002."},{"key":"e_1_3_2_1_3_1","volume-title":"The qmail security guarantee. https:\/\/cr.yp.to\/qmail\/guarantee.html, visited","author":"Bernstein D. J.","year":"2016","unstructured":"}website:qmail_guarantee D. J. Bernstein . The qmail security guarantee. https:\/\/cr.yp.to\/qmail\/guarantee.html, visited August 2016 . }website:qmail_guaranteeD. J. Bernstein. The qmail security guarantee. https:\/\/cr.yp.to\/qmail\/guarantee.html, visited August 2016."},{"key":"e_1_3_2_1_4_1","unstructured":"}website:softlimitD. J. Bernstein. The softlimit program. http:\/\/cr.yp.to\/daemontools\/softlimit.html visited August 2016.  }website:softlimitD. J. Bernstein. The softlimit program. http:\/\/cr.yp.to\/daemontools\/softlimit.html visited August 2016."},{"key":"e_1_3_2_1_5_1","volume-title":"Proc. of USENIX Security Symposium","author":"Bhatkar S.","year":"2003","unstructured":"S. Bhatkar , D. C. DuVarney , and R. Sekar . Address obfuscation: an efficient approach to combat a broad range of memory error exploits . In Proc. of USENIX Security Symposium , 2003 . S. Bhatkar, D. C. DuVarney, and R. Sekar. Address obfuscation: an efficient approach to combat a broad range of memory error exploits. In Proc. of USENIX Security Symposium, 2003."},{"key":"e_1_3_2_1_6_1","volume-title":"Proc. of Network and Distributed System Security Symposium (NDSS)","author":"Brumley D.","year":"2007","unstructured":"D. Brumley , T. Chiueh , R. Johnson , H. Lin , and D. X. Song . RICH: Automatically protecting against integer-based vulnerabilities . In Proc. of Network and Distributed System Security Symposium (NDSS) , 2007 . D. Brumley, T. Chiueh, R. Johnson, H. Lin, and D. X. Song. RICH: Automatically protecting against integer-based vulnerabilities. In Proc. of Network and Distributed System Security Symposium (NDSS), 2007."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2009.77"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30108-0_24"},{"key":"e_1_3_2_1_9_1","first-page":"760","volume-title":"Understanding integer overflow in C\/C+. In phProc. of International Conference on Software Engineering(ICSE)","author":"Dietz W.","year":"2012","unstructured":"W. Dietz , P. Li , J. Regehr , and V. Adve . Understanding integer overflow in C\/C+. In phProc. of International Conference on Software Engineering(ICSE) , pages 760 -- 770 , 2012 . W. Dietz, P. Li, J. Regehr, and V. Adve. Understanding integer overflow in C\/C+. In phProc. of International Conference on Software Engineering(ICSE), pages 760--770, 2012."},{"key":"e_1_3_2_1_10_1","unstructured":"S. Esser. PHP printf() family 64 bit casting vulnerabilities. http:\/\/www.php-security.org\/MOPB\/MOPB-38--2007.html 2007.  S. Esser. PHP printf() family 64 bit casting vulnerabilities. http:\/\/www.php-security.org\/MOPB\/MOPB-38--2007.html 2007."},{"key":"e_1_3_2_1_11_1","unstructured":"Free Software Foundation Inc. Warning options - using the gnu compiler collection (gcc). https:\/\/gcc.gnu.org\/onlinedocs\/gcc\/Warning-Options.html visited August 2016.  Free Software Foundation Inc. Warning options - using the gnu compiler collection (gcc). https:\/\/gcc.gnu.org\/onlinedocs\/gcc\/Warning-Options.html visited August 2016."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1450058.1450087"},{"key":"e_1_3_2_1_13_1","unstructured":"G. Guninski. 64 bit qmail fun. http:\/\/www.guninski.com\/where_do_you_want_billg_to_go_today_4.html 2005.  G. Guninski. 64 bit qmail fun. http:\/\/www.guninski.com\/where_do_you_want_billg_to_go_today_4.html 2005."},{"key":"e_1_3_2_1_14_1","volume-title":"Control group v2. https:\/\/www.kernel.org\/doc\/Documentation\/cgroup-v2.txt","author":"Heo T.","year":"2015","unstructured":"T. Heo . Control group v2. https:\/\/www.kernel.org\/doc\/Documentation\/cgroup-v2.txt , 2015 . T. Heo. Control group v2. https:\/\/www.kernel.org\/doc\/Documentation\/cgroup-v2.txt, 2015."},{"key":"e_1_3_2_1_15_1","unstructured":"M. Howard. Safe integer arithmetic in c. http:\/\/blogs.msdn.com\/b\/michael_howard\/archive\/2006\/02\/02\/523392.aspx visited August 2016.  M. Howard. Safe integer arithmetic in c. http:\/\/blogs.msdn.com\/b\/michael_howard\/archive\/2006\/02\/02\/523392.aspx visited August 2016."},{"key":"e_1_3_2_1_16_1","volume-title":"Optimization and programming guide. Technical report","author":"IBM Corp. XL C\/C+","year":"2012","unstructured":"IBM Corp. XL C\/C+ : Optimization and programming guide. Technical report , IBM Corp ., 2012 . IBM Corp. XL C\/C+: Optimization and programming guide. Technical report, IBM Corp., 2012."},{"key":"e_1_3_2_1_17_1","volume-title":"The open group base specifications issue 7","author":"IEEE and The Open Group","year":"2013","unstructured":"IEEE and The Open Group . The open group base specifications issue 7 . Technical Report IEEE Std 1003.1, IEEE and The Open Group , 2013 . IEEE and The Open Group. The open group base specifications issue 7. Technical Report IEEE Std 1003.1, IEEE and The Open Group, 2013."},{"key":"e_1_3_2_1_18_1","volume-title":"Technical Report WG14 N1124","author":"ISO.","year":"1999","unstructured":"ISO. The ANSI C standard (C99). Technical Report WG14 N1124 , ISO\/IEC , 1999 . ISO. The ANSI C standard (C99). Technical Report WG14 N1124, ISO\/IEC, 1999."},{"key":"e_1_3_2_1_19_1","first-page":"275","volume-title":"Cyclone: A safe dialect of C. In phProc. of USENIX Annual Technical Conference (ATC)","author":"Jim T.","year":"2002","unstructured":"T. Jim , J. G. Morrisett , D. Grossman , M. W. Hicks , J. Cheney , and Y. Wang . Cyclone: A safe dialect of C. In phProc. of USENIX Annual Technical Conference (ATC) , pages 275 -- 288 , 2002 . T. Jim, J. G. Morrisett, D. Grossman, M. W. Hicks, J. Cheney, and Y. Wang. Cyclone: A safe dialect of C. In phProc. of USENIX Annual Technical Conference (ATC), pages 275--288, 2002."},{"key":"e_1_3_2_1_20_1","volume-title":"The Shellcoder's Handbook: Discovering and Exploiting Security Holes","author":"Koziol J.","year":"2004","unstructured":"J. Koziol , D. Litchfield , D. Aitel , C. Anley , S. Eren , N. Mehta , and R. Hassell . The Shellcoder's Handbook: Discovering and Exploiting Security Holes . John Wiley & Sons , 2004 . J. Koziol, D. Litchfield, D. Aitel, C. Anley, S. Eren, N. Mehta, and R. Hassell. The Shellcoder's Handbook: Discovering and Exploiting Security Holes. John Wiley & Sons, 2004."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.5555\/212684"},{"key":"e_1_3_2_1_22_1","volume-title":"https:\/\/safeint.codeplex.com, visited","author":"LeBlanc D.","year":"2016","unstructured":"D. LeBlanc . Safeint. https:\/\/safeint.codeplex.com, visited August 2016 . D. LeBlanc. Safeint. https:\/\/safeint.codeplex.com, visited August 2016."},{"key":"e_1_3_2_1_23_1","unstructured":"Linux Programmer's Manual. ulimit - get and set user limits. http:\/\/man7.org\/linux\/man-pages\/man3\/ulimit.3.html visited August 2016.  Linux Programmer's Manual. ulimit - get and set user limits. http:\/\/man7.org\/linux\/man-pages\/man3\/ulimit.3.html visited August 2016."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2535838.2535888"},{"key":"e_1_3_2_1_25_1","volume-title":"The new Wconversion option. https:\/\/gcc.gnu.org\/wiki\/NewWconversion, visited","author":"L\u00f3pez-Ib\u00e1nez M.","year":"2016","unstructured":"M. L\u00f3pez-Ib\u00e1nez and I. L. Taylor . The new Wconversion option. https:\/\/gcc.gnu.org\/wiki\/NewWconversion, visited August 2016 . M. L\u00f3pez-Ib\u00e1nez and I. L. Taylor. The new Wconversion option. https:\/\/gcc.gnu.org\/wiki\/NewWconversion, visited August 2016."},{"key":"e_1_3_2_1_26_1","volume-title":"Making code 64-bit clean. https:\/\/developer.apple.com\/library\/mac\/documentation\/Darwin\/Conceptual\/64bitPorting\/MakingCode64-BitClean\/MakingCode64-BitClean.html","author":"Library Mac Developer","year":"2012","unstructured":"Mac Developer Library . Making code 64-bit clean. https:\/\/developer.apple.com\/library\/mac\/documentation\/Darwin\/Conceptual\/64bitPorting\/MakingCode64-BitClean\/MakingCode64-BitClean.html , 2012 . Mac Developer Library. Making code 64-bit clean. https:\/\/developer.apple.com\/library\/mac\/documentation\/Darwin\/Conceptual\/64bitPorting\/MakingCode64-BitClean\/MakingCode64-BitClean.html, 2012."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1165754.1165766"},{"key":"e_1_3_2_1_28_1","volume-title":"Proc. of Conference on Dependable Systems and Networks (DSN)","author":"Medeiros I.","year":"2009","unstructured":"I. Medeiros and M. Correia . Finding vulnerabilities in software ported from 32 to 64-bit CPUs . In Proc. of Conference on Dependable Systems and Networks (DSN) , 2009 . (fast abstract). I. Medeiros and M. Correia. Finding vulnerabilities in software ported from 32 to 64-bit CPUs. In Proc. of Conference on Dependable Systems and Networks (DSN), 2009. (fast abstract)."},{"key":"e_1_3_2_1_29_1","unstructured":"Microsoft Security Research and Defense Blog. Software defense: mitigating common exploitation techniques. http:\/\/blogs.technet.com\/b\/srd\/archive\/2013\/12\/11\/software-defense-mitigating-common-exploitation-techniques.aspx 2013.  Microsoft Security Research and Defense Blog. Software defense: mitigating common exploitation techniques. http:\/\/blogs.technet.com\/b\/srd\/archive\/2013\/12\/11\/software-defense-mitigating-common-exploitation-techniques.aspx 2013."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.5555\/1855768.1855773"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/503272.503286"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1065887.1065892"},{"volume-title":"Guidelines for converting to LP64. https:\/\/docs.oracle.com\/cd\/E18752_01\/html\/816--5138\/convert-19.html","year":"2005","key":"e_1_3_2_1_33_1","unstructured":"Oracle. Guidelines for converting to LP64. https:\/\/docs.oracle.com\/cd\/E18752_01\/html\/816--5138\/convert-19.html , 2005 . Oracle. Guidelines for converting to LP64. https:\/\/docs.oracle.com\/cd\/E18752_01\/html\/816--5138\/convert-19.html, 2005."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2664243.2664282"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/CGO.2013.6494996"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2694344.2694389"},{"key":"e_1_3_2_1_37_1","volume-title":"Converting a pointer to integer or integer to pointer. https:\/\/www.securecoding.cert.org\/confluence\/display\/c\/INT36-C\/Converting+a+pointer+to+integer+or+integer+to+pointer","author":"Software Engineering Institute","year":"2016","unstructured":"Software Engineering Institute , CERT Division . Converting a pointer to integer or integer to pointer. https:\/\/www.securecoding.cert.org\/confluence\/display\/c\/INT36-C\/Converting+a+pointer+to+integer+or+integer+to+pointer , 2016 . Software Engineering Institute, CERT Division. Converting a pointer to integer or integer to pointer. https:\/\/www.securecoding.cert.org\/confluence\/display\/c\/INT36-C\/Converting+a+pointer+to+integer+or+integer+to+pointer, 2016."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714605"},{"key":"e_1_3_2_1_39_1","volume-title":"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-0211","author":"The MITRE Corporation","year":"2013","unstructured":"The MITRE Corporation . CVE-2013-0211. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-0211 , 2013 . The MITRE Corporation. CVE-2013-0211. http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-0211, 2013."},{"key":"e_1_3_2_1_40_1","unstructured":"The Open Group. 64-bit and data size neutrality. http:\/\/www.unix.org\/version2\/whatsnew\/lp64_wp.html 2000.  The Open Group. 64-bit and data size neutrality. http:\/\/www.unix.org\/version2\/whatsnew\/lp64_wp.html 2000."},{"key":"e_1_3_2_1_41_1","unstructured":"Viva64. Detect 64-bit portability issues. http:\/\/www.viva64.com\/en\/viva64-tool\/ visitied February 2016.  Viva64. Detect 64-bit portability issues. http:\/\/www.viva64.com\/en\/viva64-tool\/ visitied February 2016."},{"key":"e_1_3_2_1_42_1","volume-title":"Proc. of Network and Distributed System Security Symposium (NDSS)","author":"Wang T.","year":"2009","unstructured":"T. Wang , T. Wei , Z. Lin , and W. Zou . IntScope: Automatically detecting integer overflow vulnerability in x86 binary using symbolic execution . In Proc. of Network and Distributed System Security Symposium (NDSS) , 2009 . T. Wang, T. Wei, Z. Lin, and W. Zou. IntScope: Automatically detecting integer overflow vulnerability in x86 binary using symbolic execution. In Proc. of Network and Distributed System Security Symposium (NDSS), 2009."},{"key":"e_1_3_2_1_43_1","first-page":"163","volume-title":"Proc. of USENIX Symposium on Operating Systems Design and Implementation (OSDI)","author":"Wang X.","year":"2012","unstructured":"X. Wang , H. Chen , Z. Jia , N. Zeldovich , and M. F. Kaashoek . Improving integer security for systems with KINT . In Proc. of USENIX Symposium on Operating Systems Design and Implementation (OSDI) , pages 163 -- 177 , 2012 . X. Wang, H. Chen, Z. Jia, N. Zeldovich, and M. F. Kaashoek. Improving integer security for systems with KINT. In Proc. of USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 163--177, 2012."},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.5555\/1888881.1888888"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-26362-5_12"}],"event":{"name":"CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Vienna Austria","acronym":"CCS'16"},"container-title":["Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978403","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978403","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:40:15Z","timestamp":1750218015000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978403"}},"subtitle":["Vulnerabilities Induced by Migrating to 64-Bit Platforms"],"short-title":[],"issued":{"date-parts":[[2016,10,24]]},"references-count":45,"alternative-id":["10.1145\/2976749.2978403","10.1145\/2976749"],"URL":"https:\/\/doi.org\/10.1145\/2976749.2978403","relation":{},"subject":[],"published":{"date-parts":[[2016,10,24]]},"assertion":[{"value":"2016-10-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}