Re: [racket] Scheme language ( I Need Your Help )

Wed, 28 May 2014 11:04:18 -0700

If I understand correctly, I suspect that what you want to do is to implement in Racket parsers for Java and C code, which parse those to ASTs using Racket syntax objects. Then you can do analysis for many security vulnerabilities just using Racket "match" on the syntax, and static processing. You still have the halting problem, of course.
After that, a different approach can use the ASTs a different way, to execute/simulate the code, but with additional protections. For example, you could simulate C code (and the hardware on which it runs) but with checks to detect unsafe situations as they occur in fuzz testing. This one is a lot of work to implement, and there are already other ways to do some of this, but maybe your unusual approach will let you do something that existing approaches cannot. 

Neil V.

mansour.alqattan wrote at 05/28/2014 01:42 PM:

Dear


Thank you for your consideration and help in advance. I have three 
question and I hope you can help me with it:



1- First is there any program or technique for translate Java code or 
C code or any other languages to Scheme Code.


I need to translate from

scm - > java
java - > scm

C - > scm
scm - > C



2- Is there potential features for finding or detecting the recent 
vulnerabilities by using Scheme language or any other language?



3- I have been asked to design a pattern which can formalize the 
potential vulnerability on source code.



4- My final question is there a potential technique to translate any 
intermediate languages code to other format to clarify 
the vulnerabilities of the code? if yes then how .. is there potential 
technique and tools?



I was thinking to translate the intermediate language to scheme code 
then to find tool which can analyse the scheme code to find the 
vulnerabilities. but i don't know how



Please I need answer for these questions as I am doing a research at 
the moment and I stuck in someways. the intermediate language that i 
am using is not meant to be for executing but it is used for 
understanding the IBM assembler.


I look forward to hear from you soon

Thanks

Mansour Alqattan


____________________
   Racket Users list:
   http://lists.racket-lang.org/users



____________________
  Racket Users list:
  http://lists.racket-lang.org/users






















					Reply via email to