Flow-sensitive buffer overrun detection based on syntax node

Author

Guangdeng, Liao ; Fang, Liu ; Yonghua, Wu

Author_Institution

Dept. of Comput. Sci. & Eng., Shanghai Jiao Tong Univ., China

Volume

fYear

2005

fDate

12-14 Oct. 2005

Firstpage

1100

Lastpage

1103

Abstract

This paper addresses the issue of identifying buffer overrun vulnerabilities by statically analyzing security-critical C source code. We demonstrate one algorithm with flow-sensitive analysis to gain variable´s activity area. Different from other tools, the detection and analyzing process of our algorithm is based on syntax node which makes it context sensitive, and also makes the system scalable and fast owing to limited kinds of syntax nodes of C language. Based on them, a prototype has been built and used to identify several vulnerabilities in popular security critical applications.

Keywords

C language; buffer storage; program diagnostics; security of data; C language syntax nodes; buffer overrun vulnerabilities; flow-sensitive analysis; flow-sensitive buffer overrun detection; security-critical C source code; syntax node; Algorithm design and analysis; Application software; Databases; Programming profession; Prototypes; Security; Snow; Software engineering; Software libraries; Software tools;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications and Information Technology, 2005. ISCIT 2005. IEEE International Symposium on

Print_ISBN

0-7803-9538-7

Type

conf

DOI

10.1109/ISCIT.2005.1567060

Filename

1567060

Link To Document

https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2880878