An Approach to Vulnerability Searching of Integer Overflows in the Executable Program Code

R. A. Demidov; A. I. Pechenkin; P. D. Zegzhda

doi:10.3103/S0146411618080102

An Approach to Vulnerability Searching of Integer Overflows in the Executable Program Code

作者: Demidov R.A.¹, Pechenkin A.I.¹, Zegzhda P.D.¹
隶属关系:
1. Peter the Great St.Petersburg Polytechnic University
期: 卷 52, 编号 8 (2018)
页面: 1022-1028
栏目: Article
URL: https://journals.rcsi.science/0146-4116/article/view/175705
DOI: https://doi.org/10.3103/S0146411618080102
ID: 175705

如何引用文章

全文:

开放存取

##reader.subscriptionAccessGranted##
受限制的访问

订阅存取

详细
作者简介
参考
补充文件
统计

详细

This article proposes an approach to identifying integer overflow vulnerabilities in software represented by the executable code of x86 architecture. The approach is based on symbolic code execution and initially twofold representation of memory cells. A truncated control transfer graph is constructed from the machine code of the program, the paths in which are layer-by-layer checked for the feasibility of the vulnerability conditions. The proposed methods were implemented in practice and experimentally tested on the various code samples.

关键词

vulnerability search, symbolic execution, symbolic memory, vulnerability classification, control flow graph, integer overflow

补充文件

附件文件

动作

1. JATS XML

下载

用户名
密码
记住我

忘记您的密码?	注册

用户名
密码
记住我

忘记您的密码?	注册

An Approach to Vulnerability Searching of Integer Overflows in the Executable Program Code

全文:

详细

关键词

作者简介

R. Demidov

A. Pechenkin

P. Zegzhda

补充文件