一种针对C程序缓冲区溢出的检测方法

Method to detect buffer overflow in C programs

下载PDF

导出

摘要为了增强对程序缓冲区溢出漏洞的检测,提出一种利用CCured和BLAST对C程序进行分析的检测方法。首先利用CCured对C语言源程序进行运行时检测的代码插桩;然后用BLAST提供的自定义安全属性语言对这些插桩代码进行相关约束描述;最后让BLAST根据约束描述文件对代码插桩后的程序进行模型检测,就可以尽可能地找出C语言程序中潜在的缓冲区溢出漏洞。 To enhance the buffer overflow detection for programs,this paper put forward a testing method based the analysis for C programs using CCured and BLAST.Firstly,the method used CCured to insert runtime detections into C program,and then described the constraints of the detections with the customized security-attribute language provided by BLAST.At last,according to the descriptions,BLAST could do model checking on the programs to find out the potential buffer overflow vulnerabilities in the programs as far as possible.

作者徐超何炎祥胡明昊吴伟陈勇刘健博

机构地区武汉大学计算机学院徐州工业职业技术学院武汉大学软件工程国家重点实验室

出处《计算机应用研究》 CSCD 北大核心 2012年第2期617-620,共4页 Application Research of Computers

基金国家自然科学基金可信软件重大研究计划资助项目(90818018 91018009)

关键词 CCured BLAST 模型检测缓冲区溢出安全属性 CCured BLAST（Barkeley lazy abstraction software verification tool） model checking buffer overflow security attributes

分类号 TP301.2 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献11

1PAN Wen JIANG ZhanJun DU ZhengFeng WANG Yan YOU XiaoHu.Analysis of a reduced-ML algorithm in BLAST[J].Science in China(Series F),2008,51(12):2094-2100. 被引量：6
2BEYER D, HENZINGER T, THEODULOZ G. Lazy shape analysis [ C ]//Proc of Computer Aided Verification. Berlin : Springer, 2006 : 532-546.
3CCured manual[ EB/OL]. http ://hal. cs. berkeley, edu/ccured.
4NECULA G C, McPEAK S, WEIMER W. CCured:type-safe retrofit- ting of legacy code [ C ]//Proc of ACM SIGPLAN-SIGACT Conference on the Principles of Programming Languages. Portland: ACM Press, 2002 : 128-139.
5BLAST manual[ EB/OL]. http://www, sosy-lab, org/- dbeyer/blast _doe.
6SERY O. Enhanced property specification and verification in BLAST [ C ]//Proc of Fundamental Approaches to Software Engineering. [ S. 1. ~ : IEEE Computer Science Press,2009:456-469.
7BEYER D, HENZINGER T, THEODULOZ G. Configurable software verification : concretizing the convergence of model checking and pro- gram analysis[ C ]//Proc of Computer Aided Verification. [ S. 1. ] : IEEE Computer Science Press, 2007:504- 518.
8BEYER D, JHALA R, HENZINGER T, et al. The BLAST query language for software verification [ C ]//Proc of SAS. Heidelberg: Springer,2004 : 2 - 18.
9BEYER D, HENZINGER T, THEODULOZ G. Program analysis with dynamic precision adjustment[ C ]//Proc of Automated Software Engi- neering. [ S. 1. ] : IEEE Computer Society Press, 2008:29-38.
10何恺铎,顾明,宋晓宇,李力,李江.面向源代码的软件模型检测及其实现[J].计算机科学,2009,36(1):267-272. 被引量：6

二级参考文献44

1袁志斌,徐正权,王能超.软件模型检测中的抽象[J].计算机科学,2006,33(7):276-279. 被引量：5
2G C Necula, S McPeak, W Weimer. CCured: typesafe retrofitting of legacy code [ A ]. ACM SIGPLAN-SIGACT Conference on the Principles of Programming Languages ( POPL ) [ C ]. Portland: ACM Press, 2002.128 - 139.
3U Hermann. Overview of pscan source package [ EB/OL ] http://packages.qa. debian.org/p/pscan.html. 2006 - 11.
4J Viega, J T Bloch, T Kohno, G. McGraw. ITS4: a static vulnerability scanner for C and C + + code [A]. 16th Annual Computer Security Applications Conference[ C]. New Orleans, US: IEEE, 2000.245 - 257.
5D Evans, D Larochelle. Improving security using extensible lightweight static analysis[ J]. IEEE Software, 2002, 19( 1 ) :42 -51.
6U Shankar, K Talwar, J S Foster, D Wagner. Detecting format string vulnerabilities with type qualifiers[ A]. Proc of the 10th USENIX Security Symposium[ C]. Washington, DC: USENIX Association,2001.16 - 16.
7M Zitser, An Evaluation of Static Source Code Analyzers[ D]. Massachusetts Institute of Technology, 2003.
8E Clarke, O Grumberg, D Peled, Model Checking[M]. Massachusetts: The MIT Press, Cambridge, 1999.
9O Lichtenstein, A Pnuefi. Checking that finite state concurrent programs satisfy their linear specification [ A ]. Proceedings of the Twelfth Annual ACM Symposium on Principles of Programming Languages[ C]. New Orleans, US: ACM, 1985.97 - 107.
10D Larochelle, D Evans. Statically detecting likely buffer overflow vulnerabilities [A ]. 2001 USENLX Security Symposium [C] .Washington, DG,2001.13 - 17,177 - 190.

共引文献14

1杨洋,帅春燕,江建慧.基于堆栈分析的缓冲区溢出漏洞检测方法[J].计算机研究与发展,2010,47(S1):291-295.
2王海红,王欣,魏急波.4×4 V-BLAST系统分组最大似然检测算法[J].信号处理,2010,26(3):369-374. 被引量：1
3CHENG WenChi & ZHANG HaiLin State Key Lab of ISN, Xidian University, Xi’an 710071, China.Approximating maximum likelihood performance reduced dimension VBLAST detection algorithm[J].Science China(Information Sciences),2010,53(7):1439-1445. 被引量：2
4徐赛华.基于二阶偏微分方程的环境模型研究[J].计算机应用与软件,2010,27(8):131-132.
5梁加宾,张来顺.谓词抽象技术中循环反例的解决方法研究[J].计算机工程与设计,2010,31(24):5269-5272.
6王雅文,宫云战,肖庆,杨朝红.基于抽象解释的变量值范围分析及应用[J].电子学报,2011,39(2):296-303. 被引量：16
7TIAN JinFeng,ZHENG XiaoYing,HU HongLin,YOU XiaoHu.A survey of next generation mobile communications researchin China[J].Chinese Science Bulletin,2011,56(27):2875-2888. 被引量：6
8田金凤,郑小盈,胡宏林,尤肖虎.中国下一代移动通信研究[J].科学通报,2012,57(5):299-313. 被引量：17
9张一弛,庞建民,范学斌,姚鑫磊.基于模型检测的程序恶意行为识别方法[J].计算机工程,2012,38(18):107-110. 被引量：5
10张红瑞,吕延岗,冯秀彦,习亚峰.基于MSF的Windows系统漏洞溢出仿真实验[J].实验室研究与探索,2012,31(12):242-244.

1邢光林,刘卫平.基于角色访问控制的授权约束描述[J].中南民族大学学报（自然科学版）,2008,27(4):92-95.
2付晓毓,朱利,顾伟.基于模型检测的内存泄露静态测试方法[J].微电子学与计算机,2010,27(10):170-173. 被引量：5
3郭锐,李博,彭宝新.用于覆盖测试的代码插桩程序设计与实现[J].科学技术与工程,2013,21(30):9072-9077. 被引量：5
4王卓,冯珊.基于角色访问控制模型约束的OCL描述[J].计算机工程与应用,2003,39(21):100-102. 被引量：7
5代伟,刘智,刘益和.基于地址完整性检查的函数指针攻击检测[J].计算机应用,2015,35(2):424-429. 被引量：3
6邢光林,洪帆.基于角色和任务的工作流授权模型及约束描述[J].计算机研究与发展,2005,42(11):1946-1953. 被引量：12
7杭欢,杜世奇.C程序变量错误检测技术的设计与实现[J].软件,2016,37(11):84-87.
8朱立.一种基于自由度分析的过约束处理方法[J].价值工程,2010,29(20):142-143.
9刁明光,薛涛,梁建东,李建存,刘琼.矿山遥感监测属性数据复杂约束类型的描述方法[J].国土资源遥感,2016,28(4):197-201. 被引量：6
10赵星汉,于洋.串行总线双向数据无损监测原理与实现[J].电光系统,2015,0(2):53-55. 被引量：1

计算机应用研究

2012年第2期

浏览历史

内容加载中请稍等...

一种针对C程序缓冲区溢出的检测方法

参考文献11

二级参考文献44

共引文献14

相关作者

相关机构

相关主题

浏览历史