计算机工程2012,Vol.38Issue(24):46-49,4.
基于污点指针的二进制代码缺陷检测
Binary Code Defect Detection Based on Taint Pointer
摘要
Abstract
Taint pointers are serious threats to the security of data flow and control flow. A method for binary defect detection is proposed, which is based on dynamic taint propagation, dynamic symbolic execution and bound constraint analysis, including introduction of the pointer propagation rules, generation of trigger condition by combing path constraints with bound constraints. It can generate inputs for four types of code defects caused by taint pointer. Test results show that this method reduces the number of test case generation effectively, and a virtual function call hijack and two pointer memory corruption defects are found in the test of Linux system tools.关键词
污点指针/污点传播/符号执行/边界条件/缺陷检测/内存破坏Key words
taint pointer/ taint propagation/ symbolic execution/ bound condition/ defect detection/ memory corruption分类
信息技术与安全科学引用本文复制引用
刘杰,王嘉捷,欧阳永基,王清贤..基于污点指针的二进制代码缺陷检测[J].计算机工程,2012,38(24):46-49,4.基金项目
国家"863"计划基金资助项目(2008AA01Z420) (2008AA01Z420)
