Can you Trust your Data?

Peter Ørbæk

April 1995


A new program analysis is presented, and two compile time methods for this analysis are given. The analysis attempts to answer the question: "Given some trustworthy and some untrustworthy input, can we trust the value of a given variable after execution of some code?" The analyses are based on an abstract interpretation framework and a constraint generation framework, respectively. The analyses are proved safe with respect to an instrumented semantics. We explicitly deal with a language with pointers and possible aliasing problems. The constraint based analysis is related directly to the abstract interpretation and therefore indirectly to the instrumented semantics.
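The kind of analysis the abstract describes, as an added example that is not the paper's own code or formalism: a small abstract interpreter in Python over a constructed toy imperative language with a two-point trust lattice (trusted below untrusted) and per-variable points-to sets, so that assignments through may-alias pointers become weak updates, branches join their states, and loops iterate to a fixpoint. The language encoding, the sample program, the decision to treat a load through an untrusted pointer as untrusted and an uninitialised variable as trusted, and the restriction to explicit data flow (branch conditions do not taint their bodies) are all assumptions of this example, not claims about the paper's analysis.

```python
"""Trust analysis as an abstract interpretation over a toy language with pointers.
Constructed illustration; the syntax, lattice choices and sample program are assumptions."""
from typing import Dict, FrozenSet, Tuple

TRUSTED, UNTRUSTED = "trusted", "untrusted"   # two-point trust lattice
EMPTY: FrozenSet[str] = frozenset()

# Abstract state: trust of each variable, plus the set of variables each pointer may target
State = Tuple[Dict[str, str], Dict[str, FrozenSet[str]]]


def join(a: str, b: str) -> str:
    """Least upper bound: a value is untrusted if either input is."""
    return UNTRUSTED if UNTRUSTED in (a, b) else TRUSTED


def eval_expr(state: State, e) -> Tuple[str, FrozenSet[str]]:
    """Return (trust of the value, variables it may point to) for an expression."""
    trust, pts = state
    kind = e[0]
    if kind == "const":                       # literals are trusted
        return TRUSTED, EMPTY
    if kind == "var":                         # uninitialised variables count as trusted (assumption)
        return trust.get(e[1], TRUSTED), pts.get(e[1], EMPTY)
    if kind == "addr":                        # &x: a trusted pointer to x
        return TRUSTED, frozenset({e[1]})
    if kind == "deref":                       # *p: join over every variable p may target
        t, targets = eval_expr(state, ("var", e[1]))   # untrusted pointer => untrusted load (assumption)
        p = EMPTY
        for x in targets:
            t = join(t, trust.get(x, TRUSTED))
            p = p | pts.get(x, EMPTY)
        return t, p
    if kind == "op":                          # e1 (+) e2: trust flows from both operands
        t1, _ = eval_expr(state, e[1])
        t2, _ = eval_expr(state, e[2])
        return join(t1, t2), EMPTY
    raise ValueError(f"unknown expression {e!r}")


def join_states(s1: State, s2: State) -> State:
    """Pointwise join of two abstract states (used at branch merges and loop heads)."""
    t1, p1 = s1
    t2, p2 = s2
    trust = {x: join(t1.get(x, TRUSTED), t2.get(x, TRUSTED)) for x in t1.keys() | t2.keys()}
    pts = {x: p1.get(x, EMPTY) | p2.get(x, EMPTY) for x in p1.keys() | p2.keys()}
    return trust, pts


def exec_stmt(state: State, s) -> State:
    trust, pts = dict(state[0]), dict(state[1])    # copy so states stay immutable values
    kind = s[0]
    if kind == "assign":                           # x := e  (strong update of x)
        t, p = eval_expr(state, s[2])
        trust[s[1]], pts[s[1]] = t, p
    elif kind == "store":                          # *p := e
        t, p = eval_expr(state, s[2])
        targets = pts.get(s[1], EMPTY)
        for x in targets:
            if len(targets) == 1:                  # unique target: strong update
                trust[x], pts[x] = t, p
            else:                                  # may-alias: weak update, keep the old value too
                trust[x] = join(trust.get(x, TRUSTED), t)
                pts[x] = pts.get(x, EMPTY) | p
    elif kind == "if":                             # condition s[1] unknown: analyse both arms, join
        return join_states(exec_block(state, s[2]), exec_block(state, s[3]))
    elif kind == "while":                          # iterate body to a fixpoint; finite lattice => terminates
        cur = state
        while True:
            nxt = join_states(cur, exec_block(cur, s[2]))
            if nxt == cur:
                return cur
            cur = nxt
    else:
        raise ValueError(f"unknown statement {s!r}")
    return trust, pts


def exec_block(state: State, stmts) -> State:
    for s in stmts:
        state = exec_stmt(state, s)
    return state


def analyse(program, inputs: Dict[str, str]) -> Dict[str, str]:
    """Run the analysis from a state in which only the named inputs are bound."""
    final_trust, _ = exec_block((dict(inputs), {}), program)
    return final_trust


# Constructed sample program (not from the paper), in the toy encoding above:
#   a := cfg; p := &a; q := &a; if (flag) q := &b;  *q := user;  c := *p;
#   i := 0; while (flag) i := i + user;  d := cfg + 1
SAMPLE = [
    ("assign", "a", ("var", "cfg")),
    ("assign", "p", ("addr", "a")),
    ("assign", "q", ("addr", "a")),
    ("if", ("var", "flag"), [("assign", "q", ("addr", "b"))], []),
    ("store", "q", ("var", "user")),
    ("assign", "c", ("deref", "p")),
    ("assign", "i", ("const", 0)),
    ("while", ("var", "flag"), [("assign", "i", ("op", ("var", "i"), ("var", "user")))]),
    ("assign", "d", ("op", ("var", "cfg"), ("const", 1))),
]


def run_sample() -> Dict[str, str]:
    return analyse(SAMPLE, {"cfg": TRUSTED, "user": UNTRUSTED, "flag": TRUSTED})


if __name__ == "__main__":
    for name, t in sorted(run_sample().items()):
        print(f"{name}: {t}")
```

Because `q` may point to either `a` or `b` after the branch, the store `*q := user` is a weak update and both targets become untrusted; the later load `c := *p` then picks that up through the alias `p`, which is exactly the situation a pointer-unaware analysis would miss. Where a pointer has a single target the store is a strong update, so writing a constant through it restores trust.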

Available as PostScript, PDF, DVI.