Integer overflow detecting method based on virtual machine technique and dynamic symbolic execution
A dynamic symbolic execution and integer overflow technology, applied in the field of virtual machine technology and dynamic symbolic technology, can solve problems such as low coverage, high cost, and difficult verification, and achieve the effect of improving correctness and comprehensiveness
Active Publication Date: 2013-11-20
TSINGHUA UNIV +1
View PDF2 Cites 7 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0005] The static integer overflow detection technology analyzes the source code more comprehensively, but because it is not actually implemented, it has high false positives and is not easy to verify
Dynamic integer overflow detection technology has almost no false positives, but because the program must actually overflow to detect, the coverage rate is not high, especially for large programs, the cost of running once is quite high
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0018] The present invention will be described in detail below in conjunction with specific embodiments and drawings, but the present invention is not limited thereto.
[0019] Such as figure 1 As shown, the present invention is generally divided into four stages: preprocessing, dynamic binary translation stage, integer overflow detection stage and result verification stage.
[0020] 1. Preprocessing stage
[0021] This stage mainly loads the target program and performs preprocessing analysis on it. Preprocessing analysis includes preliminary static analysis of the target program, extracting basic information of the target program, and symbolizing the input of the target program.
[0022] 2. Dynamic binary translation stage
[0023] This stage mainly includes the following steps:
[0024] 1. Decompile the target binary file to be detected to obtain the corresponding intermediate code;
[0025] 2. Translate the intermediate code again, and translate it into two languages: ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention provides an integer overflow detecting method based on a virtual machine technique and dynamic symbolic execution. The method can directly carry out tests on binary programs under an x86 platform. According to the integer overflow detecting method based on the virtual machine technique and the dynamic symbolic execution, the virtual machine technique is used for carrying out simulation execution on an object binary program, binary translation is carried out on the object binary program in an execution process, binary codes are translated into intermediate representation, then the intermediate representation is translated into local executable codes to carry out specific execution, meanwhile, the intermediate representation is translated into LLVM codes to carry out symbolic execution, specific execution and the symbolic execution are combined, object codes are translated into an LLVM language to express in a symbolic execution process, integer overflow detection is carried out based on the LLVM language, test cases are generated by adopting the symbolic execution and a constraint solving method, and the specific execution mode is used for carrying out detection.
Description
technical field [0001] The invention relates to an integer overflow detection method, which involves virtual machine technology and dynamic symbol technology. Background technique [0002] Dynamic symbolic execution is a concept between symbolic execution and specific execution. Specific execution means that when a program is executed, a corresponding output result is obtained based on only one input, while symbolic execution means that when a program is executed, the The input is symbolized according to different results, so that the output results cover all possibilities as much as possible. Dynamic symbolic execution is to perform symbolic execution on the modules that want to be symbolically executed during the specific execution process. [0003] Integer overflow detection technology is divided into static detection and dynamic detection. Static integer overflow detection technology refers to analyzing the source code of the program, judging where there may be integer ...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): G06F9/455G06F11/36G06F11/14
Inventor 陈渝肖奇学王欢史元春郭世泽吴志勇曹鼎范文良
Owner TSINGHUA UNIV