Stopping 0-Days with Formal Languages

Abstract: The Internet insecurity epidemic is a consequence of ad hoc programming of input handling at all layers of network stacks, and in other kinds of software stacks. The only path to trustworthy software that takes untrusted inputs is treating all valid or expected inputs as a formal language, and the respective input-handling routines as a recognizer for that language. When input handling is done in ad hoc way, the de facto recognizer, i.e.the input recognition and validation code ends up scattered throughout the program, does not match the programmers' assumptions about safety and validity of data, and thus provides ample opportunities for exploitation.