((( [logo]Racket )))Need Help?
AboutDownloadDocumentationPackagesCommunityLearning

[racket] Scheme language ( I Need Your Help )

From: Neil Van Dyke (neil at neilvandyke.org)
Date: Wed May 28 14:01:28 EDT 2014		 
If I understand correctly, I suspect that what you want to do is to 
implement in Racket parsers for Java and C code, which parse those to 
ASTs using Racket syntax objects.  Then you can do analysis for many 
security vulnerabilities just using Racket "match" on the syntax, and 
static processing.  You still have the halting problem, of course.

After that, a different approach can use the ASTs a different way, to 
execute/simulate the code, but with additional protections.  For 
example, you could simulate C code (and the hardware on which it runs) 
but with checks to detect unsafe situations as they occur in fuzz 
testing.  This one is a lot of work to implement, and there are already 
other ways to do some of this, but maybe your unusual approach will let 
you do something that existing approaches cannot.

Neil V.

mansour.alqattan wrote at 05/28/2014 01:42 PM:
> Dear
>
> Thank you for your consideration and help in advance. I have three 
> question and I hope you can help me with it:
>
> 1- First is there any program or technique for translate Java code or 
> C code or any other languages to Scheme Code.
>
> I need to translate from
>
> scm - > java
> java - > scm
>
> C - > scm
> scm - > C
>
>
> 2- Is there potential features for finding or detecting the recent 
> vulnerabilities by using Scheme language or any other language?
>
> 3- I have been asked to design a pattern which can formalize the 
> potential vulnerability on source code.
>
> 4- My final question is there a potential technique to translate any 
> intermediate languages code to other format to clarify 
> the vulnerabilities of the code? if yes then how .. is there potential 
> technique and tools?
>
> I was thinking to translate the intermediate language to scheme code 
> then to find tool which can analyse the scheme code to find the 
> vulnerabilities. but i don't know how
>
> Please I need answer for these questions as I am doing a research at 
> the moment and I stuck in someways. the intermediate language that i 
> am using is not meant to be for executing but it is used for 
> understanding the IBM assembler.
>
> I look forward to hear from you soon
>
> Thanks
>
> Mansour Alqattan
>
>
> ____________________
>    Racket Users list:
>    http://lists.racket-lang.org/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.racket-lang.org/users/archive/attachments/20140528/3d57068c/attachment.html>
Posted on the users mailing list.