Automatic repair method for buffer overflow vulnerabilities
A buffer overflow and automatic repair technology, applied in the fields of instruments, electrical digital data processing, platform integrity maintenance, etc., can solve the problems of multiple manpower, waste, and prolong the time spent on software maintenance, and achieve the expansion of buffer size and efficiency. High, improved flexibility
Active Publication Date: 2016-07-27
NANJING UNIV
View PDF5 Cites 7 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0003] At present, the repair of buffer overflow vulnerabilities requires manual participation to a large extent, which will consume more manpower, prolong the time spent on software maintenance, and increase software maintenance costs.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0024] The following combination figure 1 The present invention will be described in further detail with specific examples. according to figure 1 The flowchart of the repair method shown:
[0025] 1. Establish a buffer overflow model
[0026] In this embodiment, with reference to the C99C language standard specification, for APIs that are prone to buffer overflow vulnerabilities, according to their functional characteristics, the conditions for these APIs to have buffer overflows are determined, and the buffer overflow model shown in Table 1 is formed.
[0027]
[0028] Table 1
[0029] 2. Propose buffer overflow vulnerability repair method
[0030] By referring to the buffer overflow model, the repair method of the buffer overflow vulnerability in Table 2 below is proposed.
[0031]
[0032]
[0033] Table 2
[0034] 3. Read and parse the command line parameters to determine the repair method
[0035] The specific repair method is determined by the command lin...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention provides an automatic repair method for buffer overflow vulnerabilities. Based on a buffer overflow model, known buffer overflow vulnerabilities in a program are automatically repaired. The method comprises the steps of firstly, reading and analyzing a confirmed buffer overflow information file, wherein the file contains source file names of the buffer overflow vulnerabilities, row numbers of overflow vulnerability codes and APIs used by the overflow vulnerability codes; secondly, according to position information of the buffer overflow vulnerabilities, obtaining repair positions of the buffer overflow vulnerabilities; thirdly, according to the APIs used by the buffer overflow vulnerability codes and the buffer overflow model, obtaining a corresponding buffer overflow vulnerability repair policy; fourthly, locating the positions of the buffer overflow vulnerability codes and extracting parameter information of function call; and finally, according to the extracted parameter information of function call and the used APIs, constructing repair codes, and inserting the repair codes into source codes to finish the repair.
Description
technical field [0001] The invention belongs to the field of software engineering, in particular to an automatic repair method for buffer overflow loopholes. Background technique [0002] The buffer refers to a continuous storage space allocated in the memory during the running of a program, and the storage space is used to store various types of data. Buffer overflow means that if the length of the data entered by the user exceeds the memory space allocated by the program, the data will overwrite the memory space allocated by the program for other data, resulting in buffer overflow. Buffer overflow vulnerabilities are one of the most common software security vulnerabilities, and repairing buffer overflow vulnerabilities in software is an important means to ensure software security. Automatic repair of software vulnerabilities belongs to the category of software maintenance. [0003] At present, the repair of buffer overflow vulnerabilities requires manual participation to...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/57G06F21/52
CPCG06F21/52G06F21/577
Inventor 王林章高凤娟李宣东
Owner NANJING UNIV