J Autom Reasoning (2009) 42:265–300 DOI 10.1007/s10817-009-9121-1 Interprocedural and Flow-Sensitive Type Analysis for Memory and Type Safety of C Code Syrine Tlili · Mourad Debbabi Received: 26 February 2009 / Accepted: 26 February 2009 / Published online: 21 March 2009 © Springer Science + Business Media B.V. 2009 Abstract The explicit memory management and type conversion endow the C language with flexibility and performance that render it the de facto language for system programming. However, these appealing features come at the cost of pro- grams’ safety. Due to the C language permissiveness, highly skilled but inadvertent programmers often spawn insidious programming errors that yield exploitable code. In this paper, we present a novel type and effect analysis for detecting memory and type errors in C source code. We extend the standard C type system with effect, region, and host annotations that hold valuable safety information. We also define static safety checks to detect safety errors using the aforementioned annotations. Our analysis performs in an intraprocedural phase and an interprocedural phase. The flow-sensitive and alias-sensitive intraprocedural phase propagates type anno- tations and applies safety checks at each program point. The interprocedural phase generates and propagates unification constraints on type annotations across function boundaries. We present an inference algorithm that automatically infers type anno- tations and applies safety checks to programs without programmers’ interaction. Keywords Type and effect analysis · Memory safety · Type safety · C language This research is the result of a fruitful collaboration between CSL (Computer Security Laboratory) of Concordia University, DRDC (Defense Research and Development Canada) Valcartier and Bell Canada under the NSERC DND Research Partnership Program. S. Tlili (B ) · M. Debbabi Concordia University, 1455 De Maisonneuve Blvd. West, Montreal, Quebec, Canada H3G 1M8 e-mail: s_tlili@ece.concordia.ca M. Debbabi e-mail: debbabi@ciise.concordia.ca