Computer Engineering and Applications ›› 2016, Vol. 52 ›› Issue (15): 110-113.

• Network, Communication and Security •

Buffer overflow prone points detection based on inter-process analysis

ZOU Xue, WANG Xingqi, FANG Jinglong, WANG Daquan

  1. College of Computer Science and Technology, Hangzhou Dianzi University, Hangzhou 310018, China
  • Online: 2016-08-01 Published: 2016-08-12

Abstract: To detect buffer overflow vulnerabilities caused by loop-based memory copying, this paper proposes a context-sensitive interprocedural analysis detection model. The model performs a series of static analyses on binary code and uses the data-interaction relationships provided by interprocedural analysis to mine buffer overflow prone points. It is implemented as a plug-in on the open BinNavi platform, screens overflow prone points accurately, and effectively reduces false positives and false negatives.

Key words: buffer overflow, loop, prone points, interprocedural analysis, function summary