{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,24]],"date-time":"2025-08-24T01:28:27Z","timestamp":1755998907520,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":50,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,12,21]],"date-time":"2020-12-21T00:00:00Z","timestamp":1608508800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"UMass Amherst Startup"},{"name":"National Science Foundation","award":["2024253"],"award-info":[{"award-number":["2024253"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,12,21]]},"DOI":"10.1145\/3324884.3416533","type":"proceedings-article","created":{"date-parts":[[2021,1,27]],"date-time":"2021-01-27T23:38:56Z","timestamp":1611790736000},"page":"1116-1128","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Prober"],"prefix":"10.1145","author":[{"given":"Hongyu","family":"Liu","sequence":"first","affiliation":[{"name":"Purdue University"}]},{"given":"Ruiqin","family":"Tian","sequence":"additional","affiliation":[{"name":"William & Mary"}]},{"given":"Bin","family":"Ren","sequence":"additional","affiliation":[{"name":"William & Mary"}]},{"given":"Tongping","family":"Liu","sequence":"additional","affiliation":[{"name":"University of Massachusetts Amherst"}]}],"member":"320","published-online":{"date-parts":[[2021,1,27]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Proceedings of the 18th conference on USENIX security symposium","author":"Akritidis Periklis","year":"2009","unstructured":"Periklis Akritidis, Manuel Costa, Miguel Castro, and Steven Hand. 2009. Baggy bounds checking: an efficient and backwards-compatible defense against out-of-bounds errors. In Proceedings of the 18th conference on USENIX security symposium (Montreal, Canada) (SSYM'09). USENIX Association, Berkeley, CA, USA, 51--66. http:\/\/dl.acm.org\/citation.cfm?id=1855768.1855772"},{"key":"e_1_3_2_1_2_1","unstructured":"Andries Brouwer. 2015. time - time a simple command or give resource usage. Linux Comunity."},{"volume-title":"Proceedings of the International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS-IX). Association for Computing Machinery","author":"Berger Emery D.","key":"e_1_3_2_1_3_1","unstructured":"Emery D. Berger, Kathryn S. McKinley, Robert D. Blumofe, and Paul R. Wilson. 2000. Hoard: A Scalable Memory Allocator for Multithreaded Applications. In Proceedings of the International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS-IX). Association for Computing Machinery, New York, NY, United States, Cambridge, MA, 117--128. citeseer.ist.psu.edu\/berger00hoard.html"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1454115.1454128"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.5555\/2190025.2190067"},{"key":"e_1_3_2_1_6_1","unstructured":"Bugzilla. 2010. \"libHX: buffer overrun in HX_split()\". https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=625866."},{"key":"e_1_3_2_1_7_1","unstructured":"Bugzilla. 2013. \"libtiff (gif2tiff): possible heapbased buffer overflow in readgifimage()\". http:\/\/bugzilla.maptools.org\/show_bug.cgi?id=2451."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3293882.3330581"},{"key":"e_1_3_2_1_9_1","first-page":"2016","volume":"201","unstructured":"The MITRE Corporation. 2016. CVE-2016-10269. https:\/\/cve.mitre.org\/cgibin\/cvename.cgi?name=CVE-2016-10269.","journal-title":"The MITRE Corporation."},{"key":"e_1_3_2_1_10_1","unstructured":"CVEdetails. 2019. Vulnerabilities By Type. https:\/\/www.cvedetails.com\/vulnerabilities-by-types.php."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/3192366.3192388"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3192366.3192388"},{"key":"e_1_3_2_1_13_1","unstructured":"Exploit. 2014. \"Openssl heartbeat poc with starttls support\". https:\/\/gist.github.com\/takeshixx\/10107280."},{"key":"e_1_3_2_1_14_1","unstructured":"Micro Focus. 2019. Fortify Static Code Analyzer. https:\/\/www.ndm.net\/sast\/hpfortify. last visited: 02\/08\/2019."},{"volume-title":"Mudflap: pointer use checking for C\/C++","author":"Eigler Frank Ch.","key":"e_1_3_2_1_15_1","unstructured":"Frank Ch. Eigler. 2003. Mudflap: pointer use checking for C\/C++. Red Hat Inc."},{"key":"e_1_3_2_1_16_1","unstructured":"Sanjay Ghemawat and Paul Menage. 2005. TCMalloc : Thread-Caching Malloc. http:\/\/goog-perftools.sourceforge.net\/doc\/tcmalloc.html."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2259016.2259034"},{"key":"e_1_3_2_1_18_1","volume-title":"In Proc. of the","author":"Hastings Reed","year":"1992","unstructured":"Reed Hastings and Bob Joyce. 1992. Purify: Fast detection of memory leaks and access errors. In In Proc. of the Winter 1992 USENIX Conference. USENIX Association, Berkeley, Califonia, USA, 125--138."},{"key":"e_1_3_2_1_19_1","volume-title":"Intel Inspector XE","author":"Intel Corporation","year":"2012","unstructured":"Intel Corporation. 2012. Intel Inspector XE 2013. http:\/\/software.intel.com\/enus\/intel-inspector-xe."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568311"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3190508.3190553"},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the 10th Conference on USENIX Security Symposium -","volume":"10","author":"Larochelle David","year":"2001","unstructured":"David Larochelle and David Evans. 2001. Statically Detecting Likely Buffer Overflow Vulnerabilities. In Proceedings of the 10th Conference on USENIX Security Symposium - Volume 10 (Washington, D.C.) (SSYM'01). USENIX Association, Berkeley, CA, USA, Article 14, 177\u00e2\u0102\u015e190 pages. http:\/\/dl.acm.org\/citation.cfm?id=1251327.1251341"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1453101.1453137"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3192366.3192380"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.5555\/3314872.3314881"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/2884781.2884784"},{"key":"e_1_3_2_1_27_1","unstructured":"Checkmarx Ltd. 2019. Checkmarx. https:\/\/www.checkmarx.com. last visited: 02\/08\/2019."},{"key":"e_1_3_2_1_28_1","volume-title":"In Workshop on the Evaluation of Software Defect Detection Tools","author":"Lu Shan","year":"2005","unstructured":"Shan Lu, Zhenmin Li, Feng Qin, Lin Tan, Pin Zhou, and Yuanyuan Zhou. 2005. Bugbench: Benchmarks for evaluating bug detection tools. In In Workshop on the Evaluation of Software Defect Detection Tools. Chicago, IL, USA."},{"key":"e_1_3_2_1_29_1","volume-title":"Proceedings of the Principles of Programming Languages. Association for Computing Machinery","author":"Necula Necula George C.","year":"2002","unstructured":"George C. Necula Necula, McPeak Scott, and Weimer Westley. 2002. CCured: TypeSafe Retrofitting of Legacy Code. In Proceedings of the Principles of Programming Languages. Association for Computing Machinery, New York, NY, United States, 128--139."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250746"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866371"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1250734.1250736"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542521"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3219617.3219662"},{"key":"e_1_3_2_1_35_1","unstructured":"Oracle Corporation. 2011. Sun Memory Error Discovery Tool (Discover). http:\/\/docs.oracle.com\/cd\/E18659_01\/html\/821-1784\/gentextid-302.html."},{"key":"e_1_3_2_1_36_1","unstructured":"parasoft Company. 2013. C and C++ Memory Debugging."},{"key":"e_1_3_2_1_37_1","unstructured":"Bruce Perens. 2005. Electric Fence. https:\/\/linux.softpedia.com\/get\/Programming\/Debuggers\/Electric-Fence-3305.shtml."},{"volume-title":"In Proceedings of the 11th Annual Network and Distributed System Security Symposium. The Internet Society","author":"Ruwase Olatunji","key":"e_1_3_2_1_38_1","unstructured":"Olatunji Ruwase and Monica S. Lam. 2004. A Practical Dynamic Buffer Overflow Detector. In In Proceedings of the 11th Annual Network and Distributed System Security Symposium. The Internet Society, San Diego, California, USA, 159--169."},{"key":"e_1_3_2_1_39_1","unstructured":"Kurt Seifried. 2012. \"CVE Request: Heap-based buffer overflow in openjpeg\". https:\/\/seclists.org\/oss-sec\/2012\/q3\/300."},{"key":"e_1_3_2_1_40_1","volume-title":"Proceedings of the 2012 USENIX conference on Annual Technical Conference (Boston, MA) (USENIX ATC'12). USENIX Association","author":"Serebryany Konstantin","year":"2012","unstructured":"Konstantin Serebryany, Derek Bruening, Alexander Potapenko, and Dmitry Vyukov. 2012. AddressSanitizer: a fast address sanity checker. In Proceedings of the 2012 USENIX conference on Annual Technical Conference (Boston, MA) (USENIX ATC'12). USENIX Association, Berkeley, CA, USA, 28--28. http:\/\/dl.acm.org\/citation.cfm?id=2342821.2342849"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133957"},{"key":"e_1_3_2_1_42_1","volume-title":"Guarder: A Tunable Secure Allocator. In 27th USENIX Security Symposium (USENIX Security 18)","author":"Silvestro Sam","year":"2018","unstructured":"Sam Silvestro, Hongyu Liu, Tianyi Liu, Zhiqiang Lin, and Tongping Liu. 2018. Guarder: A Tunable Secure Allocator. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 117--133. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/silvestro"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/MICRO.2018.00027"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_3_2_1_45_1","unstructured":"Talos. 2016. \"Memcached Server SASL Autentication Remote Code Execution Vulnerability\". https:\/\/www.talosintelligence.com\/reports\/TALOS-2016-0221\/."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.9"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2016.21"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/1993498.1993541"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2015.54"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/3297858.3304017"}],"event":{"name":"ASE '20: 35th IEEE\/ACM International Conference on Automated Software Engineering","sponsor":["SIGAI ACM Special Interest Group on Artificial Intelligence","SIGSOFT ACM Special Interest Group on Software Engineering","IEEE CS"],"location":"Virtual Event Australia","acronym":"ASE '20"},"container-title":["Proceedings of the 35th IEEE\/ACM International Conference on Automated Software Engineering"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3324884.3416533","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3324884.3416533","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3324884.3416533","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:01:37Z","timestamp":1750197697000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3324884.3416533"}},"subtitle":["practically defending overflows with page protection"],"short-title":[],"issued":{"date-parts":[[2020,12,21]]},"references-count":50,"alternative-id":["10.1145\/3324884.3416533","10.1145\/3324884"],"URL":"https:\/\/doi.org\/10.1145\/3324884.3416533","relation":{},"subject":[],"published":{"date-parts":[[2020,12,21]]},"assertion":[{"value":"2021-01-27","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}