Buffer Overflow Detection on Binary Code
Author affiliation: School of Information Security Eng. Dept. of Computer Science and Eng. Shanghai Jiaotong Univ. Shanghai 200030 China
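Publication: Journal of Shanghai Jiaotong University (Science) (上海交通大学学报(英文版))
Year, volume, issue: 2006, Vol. 11, No. 2
Pages: 224-229
Core indexing:
Subject classification: 0839 [Engineering - Cyberspace Security] 08 [Engineering] 081201 [Engineering - Computer System Architecture] 0812 [Engineering - Computer Science and Technology (degrees in Engineering or Science may be conferred)]
Funding: National Natural Science Foundation of China (No. 90104005)
Subject: binary code; buffer overflow; integer range constraint; feature abstract graph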
Abstract: Most solutions for detecting buffer overflow are based on source code. But the requirement for source code is not always practical, especially for business software. A new approach was presented to detect statically the potential buffer overflow vulnerabilities in the binary code of software. The binary code was translated into assembly code without the loss of the information of string operation functions. The feature code abstract graph was constructed to generate more accurate constraint statements, and analyze the assembly code using the method of integer range constraint. After getting the elementary report on suspicious code where buffer overflows possibly happen, the control flow sensitive analysis using program dependence graph was done to decrease the rate of false positive. A prototype was implemented which demonstrates the feasibility and efficiency of the new approach.