Authors: Momot, Falcon Darkstar; Bratus, Sergey; Hallberg, Sven Moritz; Patterson, Meredith L.

Dates: 2020-02-05; 2020-02-05; 2017-02-06

Published in: Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016: 7839788 45-52 (2017-02)

Handle: http://hdl.handle.net/11420/4733

Abstract: Input-handling bugs share two common patterns: insufficient recognition, where input-checking logic is unfit to validate a program's assumptions about inputs, leading to the code acting on invalid inputs, and parser differentials, wherein two or more components of a system fail to interpret input equivalently. We argue that these patterns are artifacts of avoidable weaknesses in the development process and explore these patterns both in general and via recent CVE instances. We break ground on defining the input-handling code weaknesses that should be actionable findings and propose a refactoring of existing CWEs to accommodate them. We propose a set of new CWEs to name such weaknesses that will help code auditors and penetration testers precisely express their findings of likely vulnerable code structures.

Language: en

Keywords: CWEs; LangSec; secure parsing

Subject: Technology

Title: The seven turrets of Babel: a taxonomy of LangSec errors and how to expunge them

Type: Conference Paper

DOI: 10.1109/SecDev.2016.019

Other