
A detection method and system for a heap controllable allocation vulnerability

A detection method, applied in the field of detecting heap controllable allocation vulnerabilities, that addresses problems such as security risks and heap buffer overflow and achieves the effect of improving correctness and comprehensiveness.

Active Publication Date: 2015-11-25
TSINGHUA UNIV +1

AI Technical Summary

Problems solved by technology

However, when a defect of this kind is present, an integer overflow occurs, which greatly increases the possibility of a heap buffer overflow and leads to serious security risks.

Embodiment Construction

[0020] The present invention will be described in detail below in conjunction with specific embodiments and drawings, but the present invention is not limited thereto.

[0021] As shown in Figure 1, the method proposed by the present invention for detecting the controllable heap allocation vulnerability includes the following steps:

[0022] 1. Reverse engineer the target analysis file to obtain the function and parameter information that needs to be analyzed;

[0023] 2. Symbolize the parameters of the function to be analyzed;

[0024] 3. Use the symbolic execution engine based on virtual machine technology to analyze the target program with a combination of concrete execution and symbolic execution, so that all paths can be traversed.

[0025] 4. Use binary translation technology to monitor and analyze the *malloc function (the function that implements heap allocation, such as kmalloc in the Linux kernel).

[0026] 5. When the target program executes to the mon...


Abstract

The invention discloses a detection method for a controllable heap allocation vulnerability. Its advantages are that its coverage is higher than that of dynamic testing technologies such as fuzzing, it achieves the accuracy of dynamic detection, and its false alarm rate is low. The method comprises the following steps. First step: reverse analysis is carried out on the target analysis file to obtain the functions and parameter information to be analyzed. Second step: the parameters of the functions to be analyzed are symbolized. Third step: the target program is analyzed with a combination of concrete execution and symbolic execution, using a symbolic execution engine. Fourth step: the heap allocation function is monitored and analyzed using a binary translation method. Fifth step: the allocation size requested from the heap allocation function is obtained from the stack, and whether the allocation size is a symbolic value is judged. Sixth step: the symbolic value is analyzed and solved. Seventh step: integer overflow analysis is carried out on the symbolic size value.
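A simplified model of the fifth to seventh steps, added here as an illustration and not taken from the patent. The names `SymSize`, `Finding` and `on_alloc` are hypothetical, the size argument is assumed to be 32 bits wide and linear in one symbolic parameter, and closed-form arithmetic stands in for the constraint solver a real symbolic execution engine would call.

```python
from dataclasses import dataclass
from typing import Optional, Union

WORD = 1 << 32  # assumption: the allocator takes a 32-bit size argument


@dataclass(frozen=True)
class SymSize:
    """Symbolic size a*n + b (a, b >= 0) over one parameter n in [0, n_max].

    n_max models the path constraint collected on the way to the allocator.
    """
    a: int
    b: int
    n_max: int = WORD - 1


@dataclass(frozen=True)
class Finding:
    controllable: bool           # step 5: size depends on a symbolic input
    max_unwrapped: int           # step 6: largest mathematical value of size
    overflow_n: Optional[int]    # step 7: smallest n whose size wraps, if any
    wrapped_size: Optional[int]  # size the allocator would see for that n


def on_alloc(size: Union[int, SymSize]) -> Finding:
    """Hypothetical hook run when the monitored allocation function is hit."""
    if isinstance(size, int):            # concrete value: nothing to solve
        return Finding(False, size, None, None)
    if size.a == 0:                      # n has no influence on the size
        return Finding(False, size.b, None, None)
    max_unwrapped = size.a * size.n_max + size.b
    # Smallest n with a*n + b >= 2**32, computed by ceiling division.
    n = max(0, -(-(WORD - size.b) // size.a))
    if n > size.n_max:                   # path constraint rules out the wrap
        return Finding(True, max_unwrapped, None, None)
    return Finding(True, max_unwrapped, n, (size.a * n + size.b) % WORD)


if __name__ == "__main__":
    # Constructed cases: an 8-byte header plus n elements of 16 bytes each.
    print(on_alloc(SymSize(16, 8)))              # unconstrained n: wraps
    print(on_alloc(SymSize(16, 8, n_max=1000)))  # n bounded earlier on path
    print(on_alloc(64))                          # constant allocation size
```

The first case is the combination the method looks for: the size is caller-controlled and some input makes the 32-bit product wrap to a small request. The second case is still controllable, but the earlier bound on `n` keeps the arithmetic from overflowing.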

Description

Technical field

[0001] The invention relates to a detection method and system for heap controllable allocation vulnerabilities, belonging to the field of operating system vulnerability detection.

Background technique

[0002] The safety of memory management is a very important part of the operating system security field, and research on the safety of memory allocation and memory access is very important. Generally speaking, the methods of vulnerability mining are divided into static detection and dynamic running tests, which are described as follows:

[0003] Static detection: mainly through security scanning of the source code of the software system. Based on the data flow, control flow, semantics and other information in the program, the code is matched against a dedicated software security rule base to find potential security vulnerabilities. Static source code security testing is a very useful method. It can find out all codes that may have security risks during the coding stage, so that de...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F11/36, G06F21/57
Inventor: 陈渝, 肖奇学, 郭世泽, 史元春, 徐永健, 茅俊杰, 赵静, 陈韬
Owner: TSINGHUA UNIV