计算机工程2012,Vol.38Issue(9):138-140,3.DOI:10.3969/j.issn.1000-3428.2012.09.041
基于代码插装的缓冲区溢出漏洞定位技术
Buffer Overflow Vulnerability Location Technology Based on Code Instrumentation
史胜利1
作者信息
- 1. 包头师范学院信息科学与技术学院,内蒙古包头014030
- 折叠
摘要
Abstract
In order to find buffer overflow vulnerability point accurately and rapidly, this paper proposes a method that can find buffer overflow vulnerabilities in binary file through code instrumentation. It uses plentiful functions PIN providing to make program analysis tool and saves information needed during program execution. When detecting memory access violation exception, it distinguishes what class of memory corruption and obtains memory corruption point and seeks illegal memory writing instruction to locate vulnerability. Example analysis shows that the method does not need source program, and has higher efficiency, it can locate popular buffer overflow vulnerabilities successfully.关键词
漏洞定位/代码插装/返回地址/函数指针/异常/缓冲区溢出Key words
vulnerability location/ code instrumentation/ return address/ function pointer/ exception/ buffer overflow分类
信息技术与安全科学引用本文复制引用
史胜利..基于代码插装的缓冲区溢出漏洞定位技术[J].计算机工程,2012,38(9):138-140,3.
