Dear
Basically I am working on untyped language which considered as an
intermediate language and it is (Wide Spectrum Language)
Can we use *static program analysis* tool (include transformation
techniques such as slicing) of untyped programming intermediate language to
identify the vulnerabilities on source code for example buffer overflow or
any other ?? and How??.
Can we *combine* static analysis tool with untyped programming intermediate
language to help identifying the vulnerabilities? and to be in a one
platform. for example combining Racket parsers with untyped programming
intermediate language?
for example buffer overflow in untyped programming intermediate language
the string is allocated on the heap and can be any length.
This is simple example of the untyped programming intermediate language code
format
VAR < x := 0, y := 0 >:
DO DO IF x = 0 THEN PRINT("Hello World")
ELSIF x > (2 + x) - 1
THEN PRINT("Goodby cruel world")
ELSE EXIT(2) FI;
x := x + 1
OD OD
ENDVAR
Is it possible to have binary code or .exe file then - > translate to - >
ASM (assembly code) then - > untyped programming intermediate language (to
simplify the code) then - > IR (Intermediate Representation) - > Result
(Report the vulnerabilities) ??
Thanks
____________________
Racket Users list:
http://lists.racket-lang.org/users
