Email this article Dynamic Detection of Use-After-Free Bugs
- Authors: Asryan S.A.1, Gaissaryan S.S.2,3,4,5, Kurmangaleev S.F.2, Aghabalyan A.M.6, Hovsepyan N.G.6, Sargsyan S.S.6
-
Affiliations:
- Institute of Problems in Informatics and Automation, Armenia National Academy of Sciences
- Ivannikov Institute for System Programming, Russian Academy of Sciences
- Faculty of Computational Mathematics and Cybernetics, Moscow State University
- Moscow Institute of Physics and Technology
- State University—Higher School of Economics
- Erevan State University
- Issue: Vol 45, No 7 (2019)
- Pages: 365-371
- Section: Article
- URL: https://journals.rcsi.science/0361-7688/article/view/176930
- DOI: https://doi.org/10.1134/S0361768819070028
- ID: 176930
Cite item
Open Access
Access granted
Subscription Access
Abstract
A novel method for detecting use-after-free bugs based on the program dynamic analysis is described. In memory unsafe programming languages, such as C or C++, this class of bugs mainly occurs when the program tries to access an area of dynamically allocated memory that has been already freed. For each program execution path, the method checks the correction of the allocation, deallocation, and access operations. Since the dynamic analysis is used, bugs can be found only in the parts of the code that was actually executed. The symbolic program execution with the help of SMT (Satisfiability Modulo Theories) solvers is used. This allows us to generate data the processing of which produces new execution paths.
About the authors
S. A. Asryan
Institute of Problems in Informatics and Automation, Armenia National Academy of Sciences
Author for correspondence.
Email: asryan@ispras.ru
Armenia, Erevan, 0014
S. S. Gaissaryan
Ivannikov Institute for System Programming, Russian Academy of Sciences; Faculty of Computational Mathematics and Cybernetics, Moscow State University; Moscow Institute of Physics and Technology; State University—Higher School of Economics
Author for correspondence.
Email: ssg@ispras.ru
Russian Federation, Moscow, 109004; Moscow, 119991; Dolgoprudnyi, Moscow oblast, 141700; Moscow, 101000
Sh. F. Kurmangaleev
Ivannikov Institute for System Programming, Russian Academy of Sciences
Author for correspondence.
Email: kursh@ispras.ru
Russian Federation, Moscow, 109004
A. M. Aghabalyan
Erevan State University
Author for correspondence.
Email: anna.aghabalyan@ispras.ru
Armenia, Erevan, 0025
N. G. Hovsepyan
Erevan State University
Author for correspondence.
Email: narekhnh@ispras.ru
Armenia, Erevan, 0025
S. S. Sargsyan
Erevan State University
Author for correspondence.
Email: sevaksargsyan@ispras.ru
Armenia, Erevan, 0025
