Name: Using Static Checkers to Find C Language Security Vulnerabilities in the Linux Kernel - Vaishali Thakkar, Linux Foundation
Start: 2016-10-06T17:00:00+0200
End: 2016-10-06T17:50:00+0200

October 4-6 in Berlin, Germany
Register Now for LinuxCon+ContainerCon Europe

Back To Schedule

Using Static Checkers to Find C Language Security Vulnerabilities in the Linux Kernel - Vaishali Thakkar, Linux Foundation

Static code analysis is commonly understood to be an automatic check of source code by a tool. Hundreds of possible fault types have been identified in C code, such as uninitialized variables, buffer overflows, race conditions etc over the years. Since a major part of the Linux kernel is written in C, there is clearly a need for automatic checking for compliance with proper security-related idioms.

The talk will depict the most common security-related coding errors that can arise in the Linux kernel and how current static checkers are helping in finding/fixing them. The talk will give an overview of the available and most commonly used tools, including sparse, coccinelle, smatch, checkpatch, clang, coverity etc. It will also highlight the kind of security vulnerabilities each of these tools is best adapted to handle.

Speakers

Vaishali Thakkar

Linux kernel engineer, Freelancer

Vaishali Thakkar is a freelance kernel engineer and co-organizer of RGSoC. She has diverse interest in different areas/subsystems of Linux Kernel, including but not limited to I2C, Security, memory management. power management etc. She also volunteers as a coordinator for Linux Kernel... Read More →

Thursday October 6, 2016 17:00 - 17:50 CEST
Charlottenburg III

Developer View all LinuxCon Sessions

Experience Level Any

Attendees (45)

J
D
M
S
T
S
T
u
G
s
E
J
p
s
m
E
View All →

LinuxCon+ContainerCon Europe 2016

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Vaishali Thakkar

Attendees (45)