Program Slicing Based Buffer Overflow Detection

Yingzhou  Zhang; Wei  Fu; Xiaofei  Qian; Wei  Chen

doi:10.4236/jsea.2010.310113

Yingzhou Zhang^*, Wei Fu, Xiaofei Qian, Wei Chen

Abstract: The development of the information technology has brought threats to human society when it has influenced seriously the global politics, economics and military etc. But among the security of information system, buffer overrun vulnerability is undoubtedly one of the most important and common vulnerabilities. This paper describes a new technology, named program slicing, to detect the buffer overflow leak in security-critical C code. First, we use slicing technology to analyze the variables which may be with vulnerability and extract the expressions which will bring memory overflow. Secondly, we utilize debug technology to get the size of memory applied by the variable and the size of memory used for these code segments (the slicing result) further. Therefore we can judge whether it will overflow according to the analysis above. According to the unique excellence of program slicing performing in the large-scale program’s debugging, the method to detect buffer overrun vulnerability described in this paper will reduce the workload greatly and locate the code sentences affected by corresponding variable set quickly, particularly including the potential vulnerability caused by parameter dependence among the subroutines.

Keywords: Program Slicing, Buffer Overflow, Inter-Procedure Slicing, Debug, System Dependence Graph

Cite this paper: nullY. Zhang, W. Fu, X. Qian and W. Chen, "Program Slicing Based Buffer Overflow Detection," Journal of Software Engineering and Applications, Vol. 3 No. 10, 2010, pp. 965-971. doi: 10.4236/jsea.2010.310113.

References

[1] “CERT/CC.Vulnerability Notes by Metric,” http://www.kb. cert.org/vuls/bymetric?open&start=1&count=20

[2] “US-CERT Recently Published Vulnerability Notes,” http://www.kb.cert.org/vuls/atomfeed?OpenView&start =1&count=30

[3] “Secure Software, Rough Auditing Tool for Security, (RATS),” Secure Software Inc, http://www.secure software.com

[4] J. Viega, J. T. Bloch, T. Kohno and G. McGraw, “ITS4: A Static Vulnerability Scanner for c and c++ Code,” Annual Computer Security Applications Conference, Hawaii, 2000, pp. 257-267.

[5] D. Evans and D. Larochelle, “Improving Security Using Extensible Lightweight Static Analysis,” IEEE Software, Vol. 19, No. 1, 2002, pp. 42-51.

[6] M. Weiser, “Program Slicing,” The IEEE Transactions on Software Engineering, Vol. 10, No. 4, 1984, pp. 352-357.

[7] Y.Z. Zhang and B. W. Xu, “A Novel Formal Approach to Program Slicing,” Science in China, Series E, Information Sciences, Vol. 38, No. 2, 2008, pp. 161-176.

[8] S. Horwitz, T. Reps and D. Binkley, “Interprocedural Slicing Using Dependence Graphs,” ACM Transaction on Programming Languages and Systems, Vol. 12, No. 1, pp. 26-60.

[9] “Zeta Debugger,” http://www.fyzor.com/debugger/index.htm