Dynamic Detection of Use-After-Free Bugs


如何引用文章

全文:

开放存取 开放存取
受限制的访问 ##reader.subscriptionAccessGranted##
受限制的访问 订阅存取

详细

A novel method for detecting use-after-free bugs based on the program dynamic analysis is described. In memory unsafe programming languages, such as C or C++, this class of bugs mainly occurs when the program tries to access an area of dynamically allocated memory that has been already freed. For each program execution path, the method checks the correction of the allocation, deallocation, and access operations. Since the dynamic analysis is used, bugs can be found only in the parts of the code that was actually executed. The symbolic program execution with the help of SMT (Satisfiability Modulo Theories) solvers is used. This allows us to generate data the processing of which produces new execution paths.

作者简介

S. Asryan

Institute of Problems in Informatics and Automation, Armenia National Academy of Sciences

编辑信件的主要联系方式.
Email: asryan@ispras.ru
亚美尼亚, Erevan, 0014

S. Gaissaryan

Ivannikov Institute for System Programming, Russian Academy of Sciences; Faculty of Computational Mathematics and Cybernetics, Moscow State University; Moscow Institute of Physics and Technology; State University—Higher School of Economics

编辑信件的主要联系方式.
Email: ssg@ispras.ru
俄罗斯联邦, Moscow, 109004; Moscow, 119991; Dolgoprudnyi, Moscow oblast, 141700; Moscow, 101000

Sh. Kurmangaleev

Ivannikov Institute for System Programming, Russian Academy of Sciences

编辑信件的主要联系方式.
Email: kursh@ispras.ru
俄罗斯联邦, Moscow, 109004

A. Aghabalyan

Erevan State University

编辑信件的主要联系方式.
Email: anna.aghabalyan@ispras.ru
亚美尼亚, Erevan, 0025

N. Hovsepyan

Erevan State University

编辑信件的主要联系方式.
Email: narekhnh@ispras.ru
亚美尼亚, Erevan, 0025

S. Sargsyan

Erevan State University

编辑信件的主要联系方式.
Email: sevaksargsyan@ispras.ru
亚美尼亚, Erevan, 0025

补充文件

附件文件
动作
1. JATS XML
下载

版权所有 © Pleiades Publishing, Ltd., 2019