Also escape analysis.
Bug found by frama-c:
http://blog.frama-c.com/index.php?post/2014/02/23/CVE-2013-5914
Quote: "Allow me to put it this way: if the Apple SSL bug is a
coup from the NSA, then you US citizens are lucky. Our spy agency
in Europe is so much better that it does not even have a name you
have heard before, and it is able to plant bugs where the buffer
overflow leading to arbitrary code execution is three function
calls away from the actual bug. The bug from our spy agency is so
deniable that the code actually used to be fine when there were
only two minor revisions of the SSL protocol. The backdoors from
your spy agency are so lame that the Internet has opinions about
them."
