Practical Integer Overflow Prevention
release_n25vbtvpizbjloqrsid4yqk7wm
by
Paul Muntean, Jens Grossklags, Claudia Eckert
2017
Abstract
Integer overflows in commodity software are a main source for software bugs,
which can result in exploitable memory corruption vulnerabilities and may
eventually contribute to powerful software based exploits, i.e., code reuse
attacks (CRAs).
In this paper, we present IntGuard , a tool that can repair integer overflows
with high-quality source code repairs. Specifically, given the source code of a
program, IntGuard first discovers the location of an integer overflow error by
using static source code analysis and satisfiability modulo theories (SMT)
solving. IntGuard then generates integer multi-precision code repairs based on
modular manipulation of SMT constraints as well as an extensible set of
customizable code repair patterns.
We have implemented and evaluated IntGuard with 2052 C programs (approx. 1
Mil. LOC) available in the currently largest open- source test suite for C/C++
programs and with a benchmark containing large and complex programs. The
evaluation results show that IntGuard can precisely (i.e., no false positives
are accidentally repaired), with low computational and runtime overhead repair
programs with very small binary and source code blow-up. In a controlled
experiment, we show that IntGuard is more time-effective and achieves a higher
repair success rate than manually generated code repairs.
In text/plain
format
Archived Files and Locations
application/pdf 1.1 MB
file_5odyffwf4bcojmwrppim3mw6aa
|
arxiv.org (repository) web.archive.org (webarchive) |
1710.03720v4
access all versions, variants, and formats of this works (eg, pre-prints)