Buffer Overflow Vulnerability Location in Binaries Based on Abnormal Execution
Buffer Overflow Vulnerability Location in Binaries Based on Abnormal Execution
Buffer overflow is a very common and dangerous vulnerability. Now there are many methods and tools for this vulnerability, but it is difficult to locate it in binary code. Due to the lack of program semantics in binary programs, it is difficult to determine whether the memory access exceeds its boundary, so we can restore its memory layout to locate the vulnerability. This paper proposes a method: for the same program, input a group of successful execution and abnormal execution data respectively, and then recover the memory of the two kinds of execution. If the memory of successful execution recovery is taken as the buffer boundary, it is easier to judge the buffer overflow in the abnormal execution. In this paper, 20 programs with buffer overflow vulnerability are tested. The experimental results show that the proposed method is more effective than some static program analysis tools in terms of time cost and vulnerability location accuracy.
- Huazhong Agricultural University China (People's Republic of)
selected citations These citations are derived from selected sources.This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).1 popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.Average influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).Average impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.Average
Citations provided by BIP!Popularity provided by BIP!