In this paper we propose a scheme that combines type inference and run-time checking to
make existing C programs type safe. We describe the CCured type system, which extends …

This article describes CCured, a program transformation system that adds type safety
guarantees to existing C programs. CCured attempts to verify statically that memory errors …

We present a formal semantics of the C programming language, covering both the type
system and the dynamic behaviour of programs. The semantics is wide-ranging, covering …

A type system is given that eliminates two kinds of covert flows in an imperative
programming language. The first kind arises from nontermination and the other from partial …

CCured is a program transformation system that adds memory safety guarantees to C
programs by verifying statically that memory errors cannot occur and by inserting run-time …

In C, memory errors, such as buffer overflows, are among the most dangerous software
errors; as we show, they are still on the rise. Current dynamic bug-finding tools that try to …

C programs can be difficult to debug due to lax type enforcement and low-level access to
memory. We present a dynamic analysis for C that checks heap snapshots for consistency …

The serious bugs and security vulnerabilities that result from C's lack of bounds checking
and unsafe manual memory management are well known, yet C remains in widespread use …

Many programming languages have been developed and implemented for mobile code
environments. They are typically quite expressive. But while security is an important aspect …

Region-based type systems provide programmer control over memory management without
sacrificing type-safety. However, the type systems for region-based languages, such as the …