• Research Support
      • Starting Library Research
      • Research Guides
      • Subject Librarians
      • Digital Scholarship Center
      • Publishing & Copyright
      • Research Data Management
      • Study Skills & Campus Resources
      • Request a Purchase
    • Using the Libraries
      • Rooms & Study Spaces
      • Borrowing & Requesting
      • Connect from Off-campus
      • ILL (Interlibrary Loan)
      • Course Reserves
      • Technology, Printing, & Scanning
      • Tutoring at the UO Libraries
      • Classroom Technology Support
      • Canvas Support
      • Accessibility
    • Collections
      • Databases A-Z
      • Scholars' Bank
      • Videos, Music, Photos
      • Special Collections & University Archives
      • Unique Collections
      • Government Documents
      • Maps & Aerial Photography
      • Oregon Digital
      • Oregon Newspapers
    • Library Accounts
      • LibrarySearch Account
      • ILLiad Account (Interlibrary Loan)
      • Endnote Web (Citation Manager)
    • About
      • Hours & Locations
      • Staff & Department Directory
      • News & Events
      • Calendar
      • Mission, Values, & Strategic Directions
      • Diversity & Inclusion
      • Policies
      • Jobs
      • Comments & Suggestions
    • Chat/Ask Us
      • Email
      • Phone
      • Text
    View Item 
    •   Scholars' Bank Home
    • Scholarly Works
    • Student Works
    • Theses & Dissertations
    • Clark Honors College
    • Clark Honors College Theses
    • View Item
    •   Scholars' Bank Home
    • Scholarly Works
    • Student Works
    • Theses & Dissertations
    • Clark Honors College
    • Clark Honors College Theses
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.

    Can I See Some Identification?: Detecting and Patching Source Code Vulnerabilities

    View/Open
    Thesis Final-Lipps.pdf (159.0Kb)

    Date
    2015-06
    Author
    Lipps, Jeremy
    Metadata
    Show full item record
    Author
    Lipps, Jeremy
    Abstract
    This paper reflects research with the goal of building source analysis of security vulnerabilities for poorly written or faulty code intended to connect two parties via online interaction. Today’s world is becoming more inundated with technology and increased digital functionality through the use of the Internet, and as a result code libraries have been built to support these data transfers. However, these libraries still contain unsafe code and often lack the ability to inform developers of improper usages of the libraries’ tools. In this proof of concept project, the research uses the C programming language and the ROSE compiler to search through the libcurl SSL source code library in an effort to locate such problems and warn the developer of them. The libcurl variable insecure_ok was found to be uninitialized, and so code was built in order to find it and other such variables, as well as warn programmers of its potential dangers. These represent the first steps for further research into other problems within SSL libraries and improvement of checks within the SSLChecker suite.
    URI


    Collections
    • Clark Honors College Theses [558]

    My Account

    LoginRegister

    Browse

    All of Scholars' BankCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsThis CollectionBy Issue DateAuthorsTitlesSubjects

    Statistics

    View Usage Statistics

    CAMPUS

    • News
    • Events
    • Maps
    • Directions
    • Class Schedule
    • Academic Calendar

    RESOURCES

    • Webmail
    • Canvas
    • Duckweb
    • Find People
    • A–Z Index
    • UO Libraries

    RELATED INFORMATION

    • Library Accessibility
    • Privacy Policy
    • Giving
    UO Libraries
    1501 Kincaid Street
    1239 University of Oregon
    Eugene, OR 97403-1299

    T: 541-346-3053

    FacebookTwitterYouTubeInstagram

    CareersPrivacy PolicyAboutFind People
    University of Oregon
    ©University of Oregon. All Rights Reserved.

    UO prohibits discrimination on the basis of race, color, sex, national or ethnic origin, age, religion, marital status, disability, veteran status, sexual orientation, gender identity, and gender expression in all programs, activities and employment practices as required by Title IX, other applicable laws, and policies. Retaliation is prohibited by UO policy. Questions may be referred to the Title IX Coordinator, Office of Affirmative Action and Equal Opportunity, or to the Office for Civil Rights. Contact information, related policies, and complaint procedures are listed on the statement of non-discrimination.