Buffer overflow prone points detection based on inter-process analysis

Abstract

Abstract: For buffer overflow vulnerability caused by circulating copies of memory, this paper proposes a context-sensitive inter-process analysis and detection model. Through a series of static analysis of binary code, inter-process analysis using data provided by the inter-process analysis, it mines the buffer overflow prone points. This detection model is based on BinNavi open platform, implemented as a plug, is able to screen accurately spill-prone points and effectively reduces false and negative cases.

Key words: buffer overflow, loop, prone points, process analysis, function summary

摘要： 针对循环拷贝内存引发的缓冲区溢出漏洞，提出了一种上下文相关的过程间分析检测模型，通过对二进制代码进行一系列的静态分析，使用过程间分析提供的数据交互关系，对缓冲区溢出易发点进行挖掘。这种检测模型基于BinNavi的开放平台，以插件形式实现，能够对溢出易发点进行精确的筛选，有效地减少误报漏报情况。

关键词: 缓冲区溢出, 循环, 易发点, 过程间分析, 函数摘要

ZOU Xue, WANG Xingqi, FANG Jinglong, WANG Daquan. Buffer overflow prone points detection based on inter-process analysis[J]. Computer Engineering and Applications, 2016, 52(15): 110-113.

邹雪，王兴起，方景龙，王大全. 基于过程间分析的缓冲区溢出易发点检测[J]. 计算机工程与应用, 2016, 52(15): 110-113.

[1]	YAN Xiaoshen, GAO Qiang, ZHU Simeng, XI Xuecheng, ZHAO Wansheng. Study on Character Segmentation Algorithm of Pressed Character on Uneven Brightness Low Quality Images [J]. Computer Engineering and Applications, 2021, 57(8): 185-191.
[2]	LI Li, JI Xinyuan, SONG Song. Prediction Model for Number of Software Defects in Loop [J]. Computer Engineering and Applications, 2021, 57(7): 158-163.
[3]	SU Fei, WANG Hong, ZU Linlu, WANG Jiang, LIU Chen. Closed-Loop Modulation of Parkinson’s State Based on Fuzzy Control [J]. Computer Engineering and Applications, 2021, 57(22): 273-280.
[4]	WANG Xiuli, ZHOU Peng, HOU Jingnan, WANG Shijun, LIN Xia. Research on Algorithm of Inspection Path Planning for Substation Robot [J]. Computer Engineering and Applications, 2021, 57(14): 245-250.
[5]	CHEN Yong, YANG Yabin. Design of Supply Chain Network for High-Salvage Perishable Product Under Interval Programming [J]. Computer Engineering and Applications, 2020, 56(6): 254-261.
[6]	HUO Qingqing, GUO Jianquan. Fuzzy Optimization of 3C Product Sustainable Closed-Loop Logistics Network Under TBL Theory [J]. Computer Engineering and Applications, 2020, 56(19): 237-243.
[7]	SUN Jinling, YUAN Pengpeng, KONG Panpan. Decision Study of Closed-Loop Supply Chain Considering Processing Fund and Uncertain Recycling Quality [J]. Computer Engineering and Applications, 2020, 56(15): 259-267.
[8]	CHAI Xiaofei, LIU Song, QU Bin, WANG Qian, WU Weiguo. Vectorization-Friendly Tile Size Selection Algorithm [J]. Computer Engineering and Applications, 2020, 56(15): 37-42.
[9]	WU Xiru, HUANG Yuyuan, WANG Yaonan. Robot RGB-D SLAM Algorithm Based on Improved ORB Feature [J]. Computer Engineering and Applications, 2020, 56(14): 35-44.
[10]	CHEN Liang, PAN Haipeng, WU Ping, ZHOU Wei. Closed Loop Subspace Identification Method of Impulse Response Model [J]. Computer Engineering and Applications, 2019, 55(8): 195-200.
[11]	YANG Xiaohua, GUO Jianquan. Fuzzy Programming of Closed-Loop Logistics Network for Fresh Products under New Retail Model [J]. Computer Engineering and Applications, 2019, 55(2): 198-205.
[12]	CHEN Rui, PANG Haiping, HAO Li, LI Da, YANG Dong. Modeling and Analysis of Asynchronous Scheduling Mechanism for Powerlink Protocol [J]. Computer Engineering and Applications, 2019, 55(17): 259-265.
[13]	HAN Mei1，2, KANG Kai1. Research on Pricing Decision of Double Competition Closed-loop Supply Chain with Uncertainty of Recovery Quantity [J]. Computer Engineering and Applications, 2019, 55(12): 230-236.
[14]	SHI Chengdong1, GUO Fuli2, YAN Xiuxia1, MA Guanying1, LI Qiang1. Optimal emission reduction of closed loop supply chain under loss-averse risk measure [J]. Computer Engineering and Applications, 2018, 54(4): 256-262.
[15]	SONG Lixin1, HE Yuping2. Design of SUV rollover warning system based on hardware-in-the-loop real-time simulations [J]. Computer Engineering and Applications, 2018, 54(3): 238-242.

Buffer overflow prone points detection based on inter-process analysis

基于过程间分析的缓冲区溢出易发点检测

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics