Abstract

Binary static analysis today detects stack overflow vulnerabilities in a program by looking for calls to known dangerous system library functions, and there is no effective way to dig out the program-defined functions that can themselves cause a stack overflow. This paper lists the necessary characteristics of a function that may cause a stack overflow vulnerability and defines the stack overflow dangerous function (SODF). It then introduces static taint analysis to detect SODFs, including the taint introduction, taint propagation and taint checking strategies, and describes the particular process of detecting SODFs in a program with static taint analysis. Finally, 4 runtime libraries and 2 binary software packages are chosen, and static taint analysis is used to detect whether each contains SODFs and to locate the names of the SODFs. The test results show that the algorithm can detect and locate plenty of SODFs in the test programs, which means the algorithm can work efficiently.

Highlights

  • Stack overflow is a well-known security issue, which can be used to execute unauthorized instructions and illegal operations

  • Binary analysis aims at checking whether there is boundary detection when library functions are called, in order to determine whether a stack overflow vulnerability exists

  • Through the analysis of a large number of stack overflow vulnerabilities, we summarize the characteristics of a Stack Overflow Dangerous Function as follows: (1) it contains a loop; (2) data is transferred from a source buffer to a destination buffer inside the loop; (3) the source buffer address is a parameter of the function; (4) the destination buffer is a parameter or a local variable of the function; (5) the loop control variable does not depend on the destination buffer
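As an added illustration of these five characteristics and of the three taint steps named in the abstract (introduction, propagation, checking), the following Python script is example code written for this page; it is not the paper's tool, its intermediate language or its test programs. The toy IR instruction forms, the `Func` record, the `capacity` mapping that records which parameter carries a buffer's capacity, and the three sample functions are all assumptions of the example.

```python
"""Toy static taint check for the five SODF characteristics above, run over a
small hand-written IR.  Constructed for this page; it is not the paper's
analysis, its intermediate language, or its test programs."""
from dataclasses import dataclass


@dataclass
class Func:
    name: str
    params: list      # parameter names: taint sources, and candidate destination buffers
    local_bufs: dict  # local buffer name -> size in bytes: candidate destination buffers
    capacity: dict    # buffer name -> variable carrying its capacity (assumption of the toy IR)
    body: list        # instructions in the forms listed below


# Instruction forms of the toy IR (assumed for this example):
#   ("assign", dst, [srcs])        dst = f(srcs); a constant when srcs is empty
#   ("load",   dst, base, idx)     dst = base[idx]
#   ("store",  base, idx, src)     base[idx] = src
#   ("loop",   [cond_vars], body)  while cond(cond_vars): body


def analyze(func):
    """Return sorted (destination_buffer, source_parameter) pairs for every
    in-loop store that satisfies characteristics (1) to (5)."""
    # Taint introduction: every parameter and local buffer is its own label.
    taint = {p: {p} for p in func.params}
    taint.update({l: {l} for l in func.local_bufs})
    stores = []  # (store base, stored value, loop condition variables)

    def walk(instrs, cond_vars):
        for ins in instrs:
            op = ins[0]
            if op == "assign":  # taint propagation through arithmetic
                _, dst, srcs = ins
                taint[dst] = set().union(*(taint.get(s, set()) for s in srcs))
            elif op == "load":  # a loaded value carries its buffer's label
                _, dst, base, idx = ins
                taint[dst] = taint.get(base, set()) | taint.get(idx, set())
            elif op == "store" and cond_vars is not None:  # (1)+(2): store inside a loop
                _, base, idx, src = ins
                stores.append((base, src, cond_vars))
            elif op == "loop":
                _, cv, body = ins
                walk(body, tuple(cv))

    for _ in range(2):  # two passes reach a fixpoint for single-level loops
        walk(func.body, None)

    # Taint checking.
    sources = set(func.params)
    sinks = set(func.params) | set(func.local_bufs)
    hits = set()
    for base, value, cond_vars in set(stores):
        cond_taint = set().union(*(taint.get(v, set()) for v in cond_vars))
        for dst_buf in taint.get(base, set()) & sinks:  # (4) destination is a param or local
            guard = {dst_buf, func.capacity.get(dst_buf)}
            if cond_taint & guard:  # (5) fails: the loop is bounded by the destination
                continue
            for src_buf in (taint.get(value, set()) & sources) - {dst_buf}:  # (3)
                hits.add((dst_buf, src_buf))
    return sorted(hits)


def find_sodf(funcs):
    """Names of the functions in which analyze() reports at least one SODF pattern."""
    return [f.name for f in funcs if analyze(f)]


def copy_loop(dst, src, cond_vars):
    """Build a byte-copy loop: i = 0; c = src[i]; while cond: dst[i] = c; i += 1; c = src[i]."""
    return [
        ("assign", "i", []),
        ("load", "c", src, "i"),
        ("loop", cond_vars, [
            ("store", dst, "i", "c"),
            ("assign", "i", ["i"]),
            ("load", "c", src, "i"),
        ]),
    ]


# Sample functions (constructed): the loop in UNBOUNDED stops only on the source's
# terminator, BOUNDED also checks the destination's capacity parameter, and LOCAL
# copies into a fixed-size stack buffer without any bound.
UNBOUNDED = Func("copy_unbounded", ["dst", "src"], {}, {}, copy_loop("dst", "src", ["c"]))
BOUNDED = Func("copy_bounded", ["dst", "dstlen", "src"], {}, {"dst": "dstlen"},
               copy_loop("dst", "src", ["i", "dstlen", "c"]))
LOCAL = Func("parse_into_local", ["src"], {"buf": 64}, {}, copy_loop("buf", "src", ["c"]))

if __name__ == "__main__":
    for f in (UNBOUNDED, BOUNDED, LOCAL):
        print(f.name, "->", analyze(f) or "no SODF pattern")
    print("SODF:", find_sodf([UNBOUNDED, BOUNDED, LOCAL]))
```

The `capacity` mapping stands in for what a binary-level analysis has to recover from the comparison that bounds the loop; the toy only handles single-level loops and treats any loop condition that reads the destination buffer or its capacity variable as satisfying characteristic (5) in the safe direction.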


Summary

Introduction

Stack overflow is a well-known security issue, which can be used to execute unauthorized instructions and illegal operations. Current methods of detecting stack overflow vulnerabilities can be divided into dynamic and static analysis. Within static analysis, source code analysis and binary analysis both perform effectively. Source code analysis detects possible vulnerabilities by comparing the program, after lexical analysis, with known vulnerabilities. Binary analysis checks whether there is boundary detection when library functions are called, in order to determine whether a stack overflow vulnerability exists. Static analysis can efficiently locate stack overflow vulnerabilities, but there is no good way to locate a function that is defined by the program itself and carries stack overflow risk: most static methods for detecting stack overflow vulnerabilities in binary software are based on analyzing known vulnerable library functions. Many programs have stack overflow vulnerabilities because of bad boundary conditions in self-defined functions; IKEView.exe, for example, has a stack overflow vulnerability in the R60 version because of a self-defined function. The results show that static taint analysis can achieve higher accuracy.

Basic Definitions
Some Definitions
Intermediate Languages
Stack Overflow Dangerous Function Model
Characteristic of SODF
Overview
Suspicious Basic Block
Static Taint State
Taint Analysis Strategy
Result
Experiment Design
Conclusions
