Project ID: 394
Author: Pradeep Kumar Pothnak
Project Title: An Implementation of a Tool to Detect Vulnerabilities in Coding C and C++
Semester: 2 2012
Committee Chair: Dr. Mario Garcia
Committee Member 1: Dr. Long-zhuang Li
Committee Member 2: Dr. David Thomas
Project Description: Programming is prone to errors because it is based on a predefined syntax and its associated rules. For a program to execute successfully, it must be free of all compilation errors. The C programming language is intended to be a lightweight language with a small footprint. This characteristic of C leads to vulnerabilities when programmers fail to implement required logic because they assume it is handled by the C programming language (but it is not). This problem is magnified when programmers are familiar with superficially similar languages such as Java, Pascal, or Ada, leading them to believe that C protects the programmer better than it actually does. These false assumptions have led programmers to write beyond the boundaries of an array, fail to catch integer overflows and truncations, and call functions with the wrong number of arguments. This project helps overcome these vulnerabilities when coding in C and C++. Secure coding software is proposed: a desktop application that traces the errors and vulnerable issues in C or C++ code imported into it. The output is a brief description of each vulnerable issue, with clear information about the error and the line number of the error or issue in the code. The application also suggests replacement code that makes the code secure. Thus this application would be helpful in overcoming attacks on vulnerable code.
Project URL:   394.pdf