Patents by Inventor Ramanathan Venkatapathy
Ramanathan Venkatapathy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 7624304Abstract: Various techniques can be used to detect programming defects relating to the use of integers. A data structure can be created to represent ordering relationships in software instructions. Such ordering relationships can represent common unsound programmer assumptions. After annotating the data structure, unvalidated ordering relationships can be identified. Validation can use both explicit and implicit techniques. Filtering can be used to focus on only significant integer expressions, such as those used in buffer operations. For example, buffer accesses that attempt out-of-bounds buffer accesses due to integer overflow can be detected.Type: GrantFiled: October 7, 2004Date of Patent: November 24, 2009Assignee: Microsoft CorporationInventors: Jayaraman Thiagarajan, Ramanathan Venkatapathy
-
Patent number: 7584458Abstract: Techniques and tools for implementing a source code annotation language are described. In one aspect, keywords are added to a function interface to define a contract for the function independent of function call context. In another aspect, annotations are inserted at global variables, formal parameters, return values, or user-defined types. The annotations include, for example, properties and qualifiers. A property can indicate, for example, a characteristic of a buffer. In another aspect, an annotation indicates that a value has usability properties sufficient to allow a function to rely on the value, where the usability properties depend on value type.Type: GrantFiled: October 2, 2003Date of Patent: September 1, 2009Assignee: Microsoft CorporationInventors: Manuvir Das, Manuel Alfred Fahndrich, Ramanathan Venkatapathy, Daniel W. Weise, William Hunter Hudson, Sameet Harishanker Agarwal, William Hiroaki Shihara, Hannes Ruescher, Spencer Wong Low, F. Soner Terek
-
Patent number: 7484205Abstract: A preprocessor-based instrumentation technique wherein source code is provided to a compiler that exposes data structures such as symbols, types, expressions, etc. during the construction of the syntax tree in order to analyze where possible defects might make it desirable to instrument the code. Once a possible defect is detected in a segment of code, information is stored in a PI file detailing what line or lines of code to add, remove, or alter so that the code is instrumented to monitor the code segments at runtime. The PI file and source code are then provided to a preprocessor that uses the information in the PI file to insert instrumentation into the source code prior to the construction of a syntax tree. The now instrumented source code is used to build an instrumented syntax tree, which is then compiled so as to produce executable object code.Type: GrantFiled: December 12, 2002Date of Patent: January 27, 2009Assignee: Microsoft CorporationInventor: Ramanathan Venkatapathy
-
Publication number: 20070083933Abstract: Methods and systems for analyzing a computer program use static and interprocedural analysis techniques and engines. A data processing operation, such as a function, is automatically identified within the computer program. It is determined whether the function represents a potential source for entry of untrusted data into the computer program. A course of the untrusted data is modeled through the identified function to produce a validation result, such as a call stack. Based on an attribute of the untrusted data (for example, whether the untrusted data is an unbounded integer or a string), it is determined whether the validation result identifies a security vulnerability of the computer program. A security vulnerability may exist, for example, when the modeled course of an unbounded integer through the function produces a buffer overrun in a call stack. The validation result is provided, via an API, software development tool, or user interface, for example.Type: ApplicationFiled: October 7, 2005Publication date: April 12, 2007Applicant: Microsoft CorporationInventors: Ramanathan Venkatapathy, Jayaraman Thiagarajan, Dong Wei
-
Publication number: 20060271917Abstract: Techniques and tools relating to state-based source code annotation are described. For example, described techniques include flexible techniques for describing object states with annotations. In one aspect, properties of data structures in source code are described using state-defining code annotations. For example, specification structs can be used to describe an arbitrary set of states of objects, thereby improving the capabilities of the annotation language in terms of richness of program description. Specification structs also help to avoid annotating large numbers of individual fields in data structures by allowing several individual fields to be described by a single specification struct. Other aspects of a source code annotation language also are described.Type: ApplicationFiled: May 31, 2005Publication date: November 30, 2006Applicant: Microsoft CorporationInventors: Manuvir Das, Manuel Fahndrich, Ramanathan Venkatapathy, Yong Qu, Donn Scott Terry, Daniel Weise, Brian Hackett
-
Publication number: 20060080578Abstract: Various techniques can be used to detect programming defects relating to the use of integers. A data structure can be created to represent ordering relationships in software instructions. Such ordering relationships can represent common unsound programmer assumptions. After annotating the data structure, unvalidated ordering relationships can be identified. Validation can use both explicit and implicit techniques. Filtering can be used to focus on only significant integer expressions, such as those used in buffer operations. For example, buffer accesses that attempt out-of-bounds buffer accesses due to integer overflow can be detected.Type: ApplicationFiled: October 7, 2004Publication date: April 13, 2006Applicant: Microsoft CorporationInventors: Jayaraman Thiagarajan, Ramanathan Venkatapathy
-
Publication number: 20050076331Abstract: Techniques and tools for implementing a source code annotation language are described. In one aspect, keywords are added to a function interface to define a contract for the function independent of function call context. In another aspect, annotations are inserted at global variables, formal parameters, return values, or user-defined types. The annotations include, for example, properties and qualifiers. A property can indicate, for example, a characteristic of a buffer. In another aspect, an annotation indicates that a value has usability properties sufficient to allow a function to rely on the value, where the usability properties depend on value type.Type: ApplicationFiled: October 2, 2003Publication date: April 7, 2005Inventors: Manuvir Das, Manuel Fahndrich, Ramanathan Venkatapathy, Daniel Weise, William Hudson, Sameet Agarwal, William Shihara, Hannes Ruescher, Spencer Low, F. Terek
-
Publication number: 20040117771Abstract: A preprocessor-based instrumentation technique wherein source code is provided to a compiler that exposes data structures such as symbols, types, expressions, etc. during the construction of the syntax tree in order to analyze where possible defects might make it desirable to instrument the code. Once a possible defect is detected in a segment of code, information is stored in a PI file detailing what line or lines of code to add, remove, or alter so that the code is instrumented to monitor the code segments at runtime. The PI file and source code are then provided to a preprocessor that uses the information in the PI file to insert instrumentation into the source code prior to the construction of a syntax tree. The now instrumented source code is used to build an instrumented syntax tree, which is then compiled so as to produce executable object code.Type: ApplicationFiled: December 12, 2002Publication date: June 17, 2004Applicant: Microsoft CorporationInventor: Ramanathan Venkatapathy