ABSTRACT
Null dereferences are a bane of programming in languages such as C, and static analysis is an effective method to detect them but often due to false negative. This paper proposes a points-to property sound analysis method to detect all potential null dereferences. First, the feature and detection method of null dereference of C programs are introduced. Second, an abstract memory model Region-based Symbolic Three-Valued Logic (RSTVL) is proposed to describe storage states of memory objects. Third, the property sound analysis theory based on abstract interpretation is proposed, which only analyze a single property of a program applies over-approximation strategy. Then, evaluations’ rules of points-to property based on RSTVL are presented, which guarantees the points-to property of a pointer contains the actual points-to property and detect all potential null dereferences. Experiment results of five real projects show that this method could detect all potential null dereferences with acceptable false-positive rates and efficiency.
Disclosure statement
No potential conflict of interest was reported by the author.
Additional information
Funding
Notes on contributors
Yukun Dong
Yukun Dong, recieved his PhD in computer science from the School of Beijing University of Posts and Telecommunications, Beijing, China, and serves as a lecturer in the College of Computer and Communication Engineering, China University of Petroleum, Qingdao, China. His research interests include software testing and program static analysis.