{"id":"https://openalex.org/W1973239553","doi":"https://doi.org/10.1145/2381716.2381787","title":"Automatic detection of printf format string vulnerabilities in software applications using static analysis","display_name":"Automatic detection of printf format string vulnerabilities in software applications using static analysis","publication_year":2012,"publication_date":"2012-09-03","ids":{"openalex":"https://openalex.org/W1973239553","doi":"https://doi.org/10.1145/2381716.2381787","mag":"1973239553"},"language":"en","primary_location":{"id":"doi:10.1145/2381716.2381787","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2381716.2381787","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the CUBE International Information Technology Conference","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5022011673","display_name":"Radha Vedala","orcid":null},"institutions":[{"id":"https://openalex.org/I150312865","display_name":"Institute for Development and Research in Banking Technology","ror":"https://ror.org/00ta0g865","country_code":"IN","type":"government","lineage":["https://openalex.org/I150312865"]},{"id":"https://openalex.org/I36893310","display_name":"University of Hyderabad","ror":"https://ror.org/04a7rxb17","country_code":"IN","type":"education","lineage":["https://openalex.org/I36893310"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"Radha Vedala","raw_affiliation_strings":["IDRBT University Of Hyderabad, Hyderabad","IDRBT University Of Hyderabad, Hyderabad#TAB#"],"affiliations":[{"raw_affiliation_string":"IDRBT University Of Hyderabad, Hyderabad","institution_ids":["https://openalex.org/I150312865"]},{"raw_affiliation_string":"IDRBT University Of Hyderabad, Hyderabad#TAB#","institution_ids":["https://openalex.org/I36893310"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5053801743","display_name":"Simhadri Anil kumar","orcid":null},"institutions":[{"id":"https://openalex.org/I150312865","display_name":"Institute for Development and Research in Banking Technology","ror":"https://ror.org/00ta0g865","country_code":"IN","type":"government","lineage":["https://openalex.org/I150312865"]},{"id":"https://openalex.org/I36893310","display_name":"University of Hyderabad","ror":"https://ror.org/04a7rxb17","country_code":"IN","type":"education","lineage":["https://openalex.org/I36893310"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Simhadri Anil kumar","raw_affiliation_strings":["IDRBT University Of Hyderabad, Hyderabad","IDRBT University Of Hyderabad, Hyderabad#TAB#"],"affiliations":[{"raw_affiliation_string":"IDRBT University Of Hyderabad, Hyderabad","institution_ids":["https://openalex.org/I150312865"]},{"raw_affiliation_string":"IDRBT University Of Hyderabad, Hyderabad#TAB#","institution_ids":["https://openalex.org/I36893310"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5022011673"],"corresponding_institution_ids":["https://openalex.org/I150312865","https://openalex.org/I36893310"],"apc_list":null,"apc_paid":null,"fwci":0.4281,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.69908347,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"379","last_page":"384"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9977999925613403,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8119991421699524},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.6778666973114014},{"id":"https://openalex.org/keywords/abstract-syntax-tree","display_name":"Abstract syntax tree","score":0.5717689394950867},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.5508570075035095},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5400257110595703},{"id":"https://openalex.org/keywords/string","display_name":"String (physics)","score":0.5322009921073914},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.5293589234352112},{"id":"https://openalex.org/keywords/callback","display_name":"Callback","score":0.5099591016769409},{"id":"https://openalex.org/keywords/buffer-overflow","display_name":"Buffer overflow","score":0.49255403876304626},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.48753663897514343},{"id":"https://openalex.org/keywords/source-code","display_name":"Source code","score":0.46949127316474915},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.441113144159317},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.43091028928756714},{"id":"https://openalex.org/keywords/program-analysis","display_name":"Program analysis","score":0.4215902090072632},{"id":"https://openalex.org/keywords/parsing","display_name":"Parsing","score":0.1596769094467163},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.11631917953491211}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8119991421699524},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.6778666973114014},{"id":"https://openalex.org/C58646249","wikidata":"https://www.wikidata.org/wiki/Q127380","display_name":"Abstract syntax tree","level":3,"score":0.5717689394950867},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.5508570075035095},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5400257110595703},{"id":"https://openalex.org/C157486923","wikidata":"https://www.wikidata.org/wiki/Q1376436","display_name":"String (physics)","level":2,"score":0.5322009921073914},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.5293589234352112},{"id":"https://openalex.org/C204495577","wikidata":"https://www.wikidata.org/wiki/Q1205349","display_name":"Callback","level":2,"score":0.5099591016769409},{"id":"https://openalex.org/C40842320","wikidata":"https://www.wikidata.org/wiki/Q19423","display_name":"Buffer overflow","level":2,"score":0.49255403876304626},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.48753663897514343},{"id":"https://openalex.org/C43126263","wikidata":"https://www.wikidata.org/wiki/Q128751","display_name":"Source code","level":2,"score":0.46949127316474915},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.441113144159317},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.43091028928756714},{"id":"https://openalex.org/C98183937","wikidata":"https://www.wikidata.org/wiki/Q2112188","display_name":"Program analysis","level":2,"score":0.4215902090072632},{"id":"https://openalex.org/C186644900","wikidata":"https://www.wikidata.org/wiki/Q194152","display_name":"Parsing","level":2,"score":0.1596769094467163},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.11631917953491211},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2381716.2381787","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2381716.2381787","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the CUBE International Information Technology Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6899999976158142,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":8,"referenced_works":["https://openalex.org/W109951691","https://openalex.org/W1579850852","https://openalex.org/W2075496846","https://openalex.org/W2090633024","https://openalex.org/W2137952932","https://openalex.org/W2144552646","https://openalex.org/W2170437881","https://openalex.org/W2752929869"],"related_works":["https://openalex.org/W2625143733","https://openalex.org/W2541903208","https://openalex.org/W1983248291","https://openalex.org/W2393442563","https://openalex.org/W2293245356","https://openalex.org/W4310496983","https://openalex.org/W2101502756","https://openalex.org/W2773767792","https://openalex.org/W2903188055","https://openalex.org/W2167924718"],"abstract_inverted_index":{"1.":[0],"Much":[1],"of":[2,34,46,102,157],"the":[3,16,20,43,72,96,100,106,108,114,152,158,170],"blame":[4],"for":[5],"security":[6,22],"violations":[7],"goes":[8],"to":[9,28,70,98,154],"bad":[10],"software":[11,52,87],"and":[12,120],"that":[13,112],"too":[14],"at":[15,105],"coding":[17],"level.":[18],"Even":[19],"best":[21],"algorithms":[23],"can":[24,94],"be":[25],"broken":[26],"due":[27],"incorrect":[29],"programs.":[30],"The":[31,165],"firstpublished":[32],"reports":[33],"format":[35,83,159],"string":[36,82,160],"bugs":[37],"appeared":[38],"in":[39,49,86,116,135,162,169],"2000,":[40],"followed":[41],"by":[42],"rapid":[44],"discovery":[45],"similar":[47],"vulnerabilities":[48,73,104,161],"most":[50],"high-profile":[51],"projects.":[53],"These":[54],"includethe":[55],"Apache":[56],"web":[57],"server,":[58,61],"wu-ftpd":[59],"FTP":[60],"OpenBSD":[62],"kerneland":[63],"many":[64],"others.":[65],"There":[66],"is":[67,90,110,129,167],"a":[68,130],"need":[69],"find":[71,155],"like":[74],"variable":[75],"buffer":[76],"overflow,":[77],"stack":[78],"traces,":[79],"control":[80],"flows,":[81],"syntaxes":[84],"etc":[85],"before":[88],"it":[89,118],"deployed.":[91],"If":[92],"one":[93],"give":[95],"facility":[97],"verify":[99],"presence":[101],"these":[103],"time":[107,145],"program":[109],"written,":[111],"helps":[113],"developer":[115],"correcting":[117],"then":[119],"there.":[121],"We":[122],"have":[123],"developed":[124],"\"checkers\"":[125],"using":[126,147],"codan":[127],"which":[128],"light-weight":[131],"static":[132],"analysis":[133,146],"framework":[134],"CDT(Eclipse's":[136],"C/C++":[137],"Development":[138],"Tooling":[139],"project).":[140],"Our":[141],"checkers":[142],"perform":[143],"real":[144],"Abstract":[148],"Syntax":[149],"Tree":[150],"on":[151],"code":[153],"some":[156],"C":[163],"language.":[164],"method":[166],"explained":[168],"paper.":[171]},"counts_by_year":[{"year":2015,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}