Enviar artigo por via de e-mail Dynamic Detection of Use-After-Free Bugs
- Autores: Asryan S.1, Gaissaryan S.2,3,4,5, Kurmangaleev S.2, Aghabalyan A.6, Hovsepyan N.6, Sargsyan S.6
-
Afiliações:
- Institute of Problems in Informatics and Automation, Armenia National Academy of Sciences
- Ivannikov Institute for System Programming, Russian Academy of Sciences
- Faculty of Computational Mathematics and Cybernetics, Moscow State University
- Moscow Institute of Physics and Technology
- State University—Higher School of Economics
- Erevan State University
- Edição: Volume 45, Nº 7 (2019)
- Páginas: 365-371
- Seção: Article
- URL: https://journals.rcsi.science/0361-7688/article/view/176930
- DOI: https://doi.org/10.1134/S0361768819070028
- ID: 176930
Citar
Acesso aberto
Acesso está concedido
Somente assinantes
Resumo
A novel method for detecting use-after-free bugs based on the program dynamic analysis is described. In memory unsafe programming languages, such as C or C++, this class of bugs mainly occurs when the program tries to access an area of dynamically allocated memory that has been already freed. For each program execution path, the method checks the correction of the allocation, deallocation, and access operations. Since the dynamic analysis is used, bugs can be found only in the parts of the code that was actually executed. The symbolic program execution with the help of SMT (Satisfiability Modulo Theories) solvers is used. This allows us to generate data the processing of which produces new execution paths.
Sobre autores
S. Asryan
Institute of Problems in Informatics and Automation, Armenia National Academy of Sciences
Autor responsável pela correspondência
Email: asryan@ispras.ru
Armênia, Erevan, 0014
S. Gaissaryan
Ivannikov Institute for System Programming, Russian Academy of Sciences; Faculty of Computational Mathematics and Cybernetics, Moscow State University; Moscow Institute of Physics and Technology; State University—Higher School of Economics
Autor responsável pela correspondência
Email: ssg@ispras.ru
Rússia, Moscow, 109004; Moscow, 119991; Dolgoprudnyi, Moscow oblast, 141700; Moscow, 101000
Sh. Kurmangaleev
Ivannikov Institute for System Programming, Russian Academy of Sciences
Autor responsável pela correspondência
Email: kursh@ispras.ru
Rússia, Moscow, 109004
A. Aghabalyan
Erevan State University
Autor responsável pela correspondência
Email: anna.aghabalyan@ispras.ru
Armênia, Erevan, 0025
N. Hovsepyan
Erevan State University
Autor responsável pela correspondência
Email: narekhnh@ispras.ru
Armênia, Erevan, 0025
S. Sargsyan
Erevan State University
Autor responsável pela correspondência
Email: sevaksargsyan@ispras.ru
Armênia, Erevan, 0025
