计算机工程与应用Issue(11):190-195,211,7.DOI:10.3778/j.issn.1002-8331.1310-0053
C程序数组越界的运行时验证技术研究与实现
Runtime verification of array bounds overflow of C programs
摘要
Abstract
Buffer overflow can cause very serious security problems and bring serious threats to networks and distributed systems such as clusters, Grids, P2P systems. Array bounds overflow is an important instance of buffer overflow. How to check array bounds overflow is an important and meaningful issue. In this paper, it presents a runtime verification method for checking array bounds overflow. It analyzes the various classes of array bounds overflow errors. Based on the classifi-cation, it investigates the various verification methods. It studies the algorithms for dynamic checking of array bounds overflow based on program instrumentation, implements the algorithms based on the open source compiler Clang. The experi-mental results show that this method is feasible and efficient.关键词
数组越界/运行时验证/程序插桩Key words
array bounds overflow/runtime verification/program instrumentation分类
信息技术与安全科学引用本文复制引用
李文明,陈哲,李绪蓉,黄志球..C程序数组越界的运行时验证技术研究与实现[J].计算机工程与应用,2015,(11):190-195,211,7.基金项目
国家自然科学基金(No.61100034,No.61170043);中国博士后科学基金项目(No.20110491411,No.2012T50498);江苏省博士后科研资助计划项目(No.1101092C)。 ()
