search menu icon-carat-right cmu-wordmark

Posts by Will Klieber

Inference of Memory Bounds: Preventing the Next Heartbleed

Inference of Memory Bounds: Preventing the Next Heartbleed

• Blog
Will Klieber

Invalid memory accesses are one of the most prevalent and serious of software vulnerabilities. Leakage of sensitive information caused by out-of-bounds reads is a relatively new problem that most recently took the form of the Open SSL HeartBleed vulnerability. In this blog post, I will describe research aimed at detecting the intended bounds of memory that given pointers should be able to access....

Read More
Automated Code Repair in the C Programming Language

Automated Code Repair in the C Programming Language

• Blog
Will Klieber

By Will Klieber CERT Secure Coding Team This blog post is co-authored by Will Snavely. Finding violations of secure coding guidelines in source code is daunting, but fixing them is an even greater challenge. We are creating automated tools for source code transformation. Experience in examining software bugs reveals that many security-relevant bugs follow common patterns (which can be automatically detected) and that there are corresponding patterns for repair (which can be performed by automatic...

Read More
Two Secure Coding Tools for Analyzing Android Apps

Two Secure Coding Tools for Analyzing Android Apps

• Blog
Will Klieber

This blog post is co-authored by Lori Flynn. Although the Android Operating System continues to dominate the mobile device market (82 percent of worldwide market share in the third quarter of 2013), applications developed for Android have faced some challenging security issues. For example, applications developed for the Android platform continue to struggle with vulnerabilities, such as activity hijacking, which occurs when a malicious app receives a message (in particular, an intent) that was intended...

Read More

Contact the Author

Will Klieber

SEI Digital Library

SEI Publications

Visit the SEI Digital Library to see other publications by Will Klieber

View publications