Supercharge Your Innovation With Domain-Expert AI Agents!

GCC abstract syntax tree-based buffer overflow vulnerability detection method

An abstract syntax tree and buffer overflow technology, applied in the field of information security, can solve the problems of inaccurate positioning, high false negative rate, low detection efficiency, etc., and achieve the effect of eliminating redundant information, accurate representation, and accurate judgment results.

Inactive Publication Date: 2010-12-08
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF2 Cites 13 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0013] The disadvantages of this method are: ① directly analyze and detect the abstract syntax tree AST generated by the GCC compiler, and the abstract syntax tree text generated by GCC contains many detailed information that is helpful for compilation, such as generated by the "#include" command Functions and structures that are not used in the source program, as well as some internal functions, type declarations, error messages, constants, etc. generated during the compilation process, these information are not conducive to code analysis
For complex source programs, the detection efficiency of these methods will be greatly reduced
②In the second step, the attribute information of the buffer is represented by a pair of integers, which is not accurate enough and will lead to inaccurate judgment results
But its obvious shortcoming is the dependence of dynamic detection technology on input. Only when the specific input is the program execution to the dangerous point, the vulnerability will be discovered. Therefore, the positioning is inaccurate and the false negative rate is high.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0047] The technical solution of the present invention will be described in detail below in conjunction with specific embodiments.

[0048] This embodiment uses the method of the present invention to test a 7-line C language source program, and the source program code is as follows:

[0049] #include

[0050] #include

[0051] int main()

[0052] {char test[2];

[0053] strcpy(test, "aaaaa");

[0054] return 0;

[0055] }

[0056] The operation process is as follows:

[0057] Step 1. For the source program to be analyzed, directly use the GCC compiler to generate an abstract syntax tree AST, which contains 2280 nodes.

[0058] Step 2: On the basis of Step 1, eliminate redundant information in the abstract syntax tree AST. Specifically:

[0059] Step 1: Traverse all the nodes in the abstract syntax tree AST, and divide all nodes into 3 types according to the "srcp" field in the nodes of the abstract syntax tree AST:

[0060] a. If the value of the "srcp" field is the name of the source file...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a buffer overflow vulnerability detection method, in particular to a GCC abstract syntax tree-based buffer overflow vulnerability detection method, and belongs to the technical field of information security. The method comprises the following steps of: operating a source program by using a GCC compiler to generate an abstract syntax tree; eliminating all information not related to analysis data streams and control streams in the text of the abstract syntax tree and maintaining the integrity of useful information; and using the useful information in program analysis, and monitoring related nodes on the abstract syntax tree to fulfill the aims of analyzing and detecting the buffer overflow vulnerability. Compared with the traditional analysis method which does not eliminate redundancy, the method has better practicability and higher efficiency and precision.

Description

Technical field [0001] The invention relates to a method for detecting a buffer overflow vulnerability, in particular to a method for detecting a buffer overflow vulnerability based on a GCC abstract syntax tree, and belongs to the technical field of information security. Background technique [0002] With the rapid development of computer technology, the degree of informatization of human society is getting higher and higher, and the political, economic, military, cultural, and other fields of the entire society rely more and more on computer information systems. Under this circumstance, the security of computer systems has attracted more and more attention. However, the writing of large-scale software and systems requires many programmers to complete the work. They divide a software or system into several sections, divide the work to write, then summarize, test; finally patch and release, so there are almost security vulnerabilities in the software. It is inevitable. Software...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/00
Inventor 胡昌振邹家莘王崑声马锐薛静锋
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com