Patents by Inventor Ramanathan Venkatapathy

Ramanathan Venkatapathy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 7624304
    Abstract: Various techniques can be used to detect programming defects relating to the use of integers. A data structure can be created to represent ordering relationships in software instructions. Such ordering relationships can represent common unsound programmer assumptions. After annotating the data structure, unvalidated ordering relationships can be identified. Validation can use both explicit and implicit techniques. Filtering can be used to focus on only significant integer expressions, such as those used in buffer operations. For example, buffer accesses that attempt out-of-bounds buffer accesses due to integer overflow can be detected.
    Type: Grant
    Filed: October 7, 2004
    Date of Patent: November 24, 2009
    Assignee: Microsoft Corporation
    Inventors: Jayaraman Thiagarajan, Ramanathan Venkatapathy
  • Patent number: 7584458
    Abstract: Techniques and tools for implementing a source code annotation language are described. In one aspect, keywords are added to a function interface to define a contract for the function independent of function call context. In another aspect, annotations are inserted at global variables, formal parameters, return values, or user-defined types. The annotations include, for example, properties and qualifiers. A property can indicate, for example, a characteristic of a buffer. In another aspect, an annotation indicates that a value has usability properties sufficient to allow a function to rely on the value, where the usability properties depend on value type.
    Type: Grant
    Filed: October 2, 2003
    Date of Patent: September 1, 2009
    Assignee: Microsoft Corporation
    Inventors: Manuvir Das, Manuel Alfred Fahndrich, Ramanathan Venkatapathy, Daniel W. Weise, William Hunter Hudson, Sameet Harishanker Agarwal, William Hiroaki Shihara, Hannes Ruescher, Spencer Wong Low, F. Soner Terek
  • Patent number: 7484205
    Abstract: A preprocessor-based instrumentation technique wherein source code is provided to a compiler that exposes data structures such as symbols, types, expressions, etc. during the construction of the syntax tree in order to analyze where possible defects might make it desirable to instrument the code. Once a possible defect is detected in a segment of code, information is stored in a PI file detailing what line or lines of code to add, remove, or alter so that the code is instrumented to monitor the code segments at runtime. The PI file and source code are then provided to a preprocessor that uses the information in the PI file to insert instrumentation into the source code prior to the construction of a syntax tree. The now instrumented source code is used to build an instrumented syntax tree, which is then compiled so as to produce executable object code.
    Type: Grant
    Filed: December 12, 2002
    Date of Patent: January 27, 2009
    Assignee: Microsoft Corporation
    Inventor: Ramanathan Venkatapathy
  • Publication number: 20070083933
    Abstract: Methods and systems for analyzing a computer program use static and interprocedural analysis techniques and engines. A data processing operation, such as a function, is automatically identified within the computer program. It is determined whether the function represents a potential source for entry of untrusted data into the computer program. A course of the untrusted data is modeled through the identified function to produce a validation result, such as a call stack. Based on an attribute of the untrusted data (for example, whether the untrusted data is an unbounded integer or a string), it is determined whether the validation result identifies a security vulnerability of the computer program. A security vulnerability may exist, for example, when the modeled course of an unbounded integer through the function produces a buffer overrun in a call stack. The validation result is provided, via an API, software development tool, or user interface, for example.
    Type: Application
    Filed: October 7, 2005
    Publication date: April 12, 2007
    Applicant: Microsoft Corporation
    Inventors: Ramanathan Venkatapathy, Jayaraman Thiagarajan, Dong Wei
  • Publication number: 20060271917
    Abstract: Techniques and tools relating to state-based source code annotation are described. For example, described techniques include flexible techniques for describing object states with annotations. In one aspect, properties of data structures in source code are described using state-defining code annotations. For example, specification structs can be used to describe an arbitrary set of states of objects, thereby improving the capabilities of the annotation language in terms of richness of program description. Specification structs also help to avoid annotating large numbers of individual fields in data structures by allowing several individual fields to be described by a single specification struct. Other aspects of a source code annotation language also are described.
    Type: Application
    Filed: May 31, 2005
    Publication date: November 30, 2006
    Applicant: Microsoft Corporation
    Inventors: Manuvir Das, Manuel Fahndrich, Ramanathan Venkatapathy, Yong Qu, Donn Scott Terry, Daniel Weise, Brian Hackett
  • Publication number: 20060080578
    Abstract: Various techniques can be used to detect programming defects relating to the use of integers. A data structure can be created to represent ordering relationships in software instructions. Such ordering relationships can represent common unsound programmer assumptions. After annotating the data structure, unvalidated ordering relationships can be identified. Validation can use both explicit and implicit techniques. Filtering can be used to focus on only significant integer expressions, such as those used in buffer operations. For example, buffer accesses that attempt out-of-bounds buffer accesses due to integer overflow can be detected.
    Type: Application
    Filed: October 7, 2004
    Publication date: April 13, 2006
    Applicant: Microsoft Corporation
    Inventors: Jayaraman Thiagarajan, Ramanathan Venkatapathy
  • Publication number: 20050076331
    Abstract: Techniques and tools for implementing a source code annotation language are described. In one aspect, keywords are added to a function interface to define a contract for the function independent of function call context. In another aspect, annotations are inserted at global variables, formal parameters, return values, or user-defined types. The annotations include, for example, properties and qualifiers. A property can indicate, for example, a characteristic of a buffer. In another aspect, an annotation indicates that a value has usability properties sufficient to allow a function to rely on the value, where the usability properties depend on value type.
    Type: Application
    Filed: October 2, 2003
    Publication date: April 7, 2005
    Inventors: Manuvir Das, Manuel Fahndrich, Ramanathan Venkatapathy, Daniel Weise, William Hudson, Sameet Agarwal, William Shihara, Hannes Ruescher, Spencer Low, F. Terek
  • Publication number: 20040117771
    Abstract: A preprocessor-based instrumentation technique wherein source code is provided to a compiler that exposes data structures such as symbols, types, expressions, etc. during the construction of the syntax tree in order to analyze where possible defects might make it desirable to instrument the code. Once a possible defect is detected in a segment of code, information is stored in a PI file detailing what line or lines of code to add, remove, or alter so that the code is instrumented to monitor the code segments at runtime. The PI file and source code are then provided to a preprocessor that uses the information in the PI file to insert instrumentation into the source code prior to the construction of a syntax tree. The now instrumented source code is used to build an instrumented syntax tree, which is then compiled so as to produce executable object code.
    Type: Application
    Filed: December 12, 2002
    Publication date: June 17, 2004
    Applicant: Microsoft Corporation
    Inventor: Ramanathan Venkatapathy