Software failures in computer programs have been the cause of many computer security problems. Software failures can be caused by arithmetic errors (e.g., division by zero), logic errors (e.g., infinite loops), and resource errors (e.g., access violations), and often cause abnormal program termination or other recognizable behavior. Software failures can also be caused by code-injection attacks. These attacks exploit a memory error in the program, which is then used to insert malicious code into the computer program. Typically, such an attack is used to overflow a buffer in the program stack and cause the control of the program to be transferred to the inserted malicious code. The malicious code can be a worm, a Trojan, or a virus. These software failures lead to general disruption of the computing system. Sometimes the software failure affects outputs from the computer program (e.g., external objects, user data files, devices under program control, or data presented on graphical user interfaces), thereby extending the disruption and corruption to other computing systems.
Several known techniques have been proposed to recover from such software failures. Some techniques concentrate on recovering from the failure. Other techniques track the input that caused the failure so that the input can be detected at a future time, thereby immunizing the computer program against the same software failure. However, these techniques fail to automatically detect and correct the effects of the software failure before any potentially erroneous output is released from the computer program.