((( [logo]Racket )))Need Help?
AboutDownloadDocumentationPackagesCommunityLearning

[racket] Scheme language ( I Need Your Help )

From: mukesh tiwari (mukeshtiwari.iiitm at gmail.com)
Date: Wed May 28 14:54:44 EDT 2014		 
Hi Mansour,



On Wed, May 28, 2014 at 11:12 PM, mansour.alqattan <
mansour.alqattan at gmail.com> wrote:

> Dear
>
> Thank you for your consideration and help in advance. I have three
> question and I hope you can help me with it:
>
> 1- First is there any program or technique for translate Java code or C
> code or any other languages to Scheme Code.
>
> I need to translate from
>
> scm - > java
> java - > scm
>
> C - > scm
> scm - > C
>

You can see Andy Keep Scheme-to-C[1]  and his presentation [2].

[1]https://github.com/akeep/scheme-to-c
[2]https://www.youtube.com/watch?v=Os7FE3J-U5Q


>
>
> 2- Is there potential features for finding or detecting the recent
> vulnerabilities by using Scheme language or any other language?
>

Could you please elaborate more what do you mean by  recent
vulnerabilities. If you mean Heartbleed then yes, It can be avoided but not
sure about Scheme ( I am still learning Racket ). See[3][4]

[3]
http://bluishcoder.co.nz/2014/04/11/preventing-heartbleed-bugs-with-safe-languages.html
[4]
http://cs.stackexchange.com/questions/23856/could-program-verification-techniques-prevent-bugs-of-the-genre-of-heartbleed-fr


> 3- I have been asked to design a pattern which can formalize the potential
> vulnerability on source code.
>

May be first, you have to classify the kind of  vulnerability you are
considering. If you are considering out of bound access then you can use
dependent types to prove that your access will not be out of bound.  You
can use some proof assistants. See [5][6]
[5] http://eb.host.cs.st-andrews.ac.uk/writings/idris-tutorial.pdf
[6] http://coq.inria.fr/


> 4- My final question is there a potential technique to translate any
> intermediate languages code to other format to clarify
> the vulnerabilities of the code? if yes then how .. is there potential
> technique and tools?
>

I am not sure about this but may be this paper [7] help. You can find
plenty of formalization about different techniques in  Coq.
[7]http://www.irisa.fr/celtique/pichardie/papers/fosad09.pdf

Hope it helps. Pardon me if it does not answer the question.  I am just
beginner in the program analysis field.



> I was thinking to translate the intermediate language to scheme code then
> to find tool which can analyse the scheme code to find the vulnerabilities.
> but i don't know how
>
> Please I need answer for these questions as I am doing a research at the
> moment and I stuck in someways. the intermediate language that i am using
> is not meant to be for executing but it is used for understanding the IBM
> assembler.
>
> I look forward to hear from you soon
>
> Thanks
>
> Mansour Alqattan
>
> -Mukesh Tiwari
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.racket-lang.org/users/archive/attachments/20140529/77f1e795/attachment-0001.html>
Posted on the users mailing list.