English  |  正體中文  |  简体中文  |  Items with full text/Total items : 888/888 (100%)
Visitors : 13700174      Online Users : 273
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://ccur.lib.ccu.edu.tw/handle/A095B0000Q/6

    Title: 以程式碼安全性為基礎之標記設計與實作;The Design and Implementation of Security Annotations
    Authors: 洪僅榕;HUNG, CHIN-RONG
    Contributors: 資訊工程研究所
    Keywords: 格式化字串;緩衝區溢位;C語言;組合語言;標記;記憶體流失;format string;buffer overflow;C language;assembly language;annotations;memory leakage
    Date: 2018
    Issue Date: 2019-05-23 10:30:07 (UTC+8)
    Publisher: 資訊工程研究所
    Abstract: 由於C語言在執行上的高效率、功能豐富、可移植等優點,從被開發出來一直到2017年,其熱門程度一直維持在軟體評價網站Tiobe[1]排行榜的前2名。但是C語言本身既有的漏洞,卻可能讓這些軟體崩潰、當機,甚至輕易被駭客入侵。包含緩衝區溢位、記憶體流失、格式化字串等漏洞皆是由於C語言本身設計缺陷所造成。為了減少C語言漏洞對作業系統和應用程式的傷害,我們利用組合語言標記(annotation)來協助工程師偵測原始碼中的漏洞。標記可以用來標示程式元素如函式、變數等,當程式碼使用或呼叫被標示的程式元素時,編譯器會顯示該程式元素的相關訊息,工程師便可依據該訊息提示知道原始碼中是否有漏洞的危險。因此本篇論文設計安全性標記來協助工程師檢查原始碼,自行選擇要檢查的參數並傳入我們設計的函式,利用檢查後輸出的訊息,便能使程式執行的過程有更高的安全性。
    C programming has been a popular programming language because of its high efficiency, feature-rich, portable, and so on. Because of the popularity in C, a flaw in it may cause amount of software and operating systems to crash. Thus, we design security annotations written in assembly language to reduce damage on design flaws. Annotations can be used on functions, variables, and any object in source code, and so on. Compiler will show information about these objects when they are used, and programmers know vulnerabilities in their source code according to annotations. Programmers can choose any variable to be checked as they like, and pass it as an argument to functions designed in this paper. Programs will execute safer when annotations printed on the screen annotate problems in their source code.
    Appears in Collections:[資訊工程學系] 學位論文

    Files in This Item:

    File Description SizeFormat

    All items in CCUR are protected by copyright, with all rights reserved.

    版權聲明 © 國立中正大學圖書館網頁內容著作權屬國立中正大學圖書館


    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback