nach oben

Erschienen in:

2015 | OriginalPaper | Buchkapitel

Automated Generation of Buffer Overflow Quick Fixes Using Symbolic Execution and SMT

verfasst von : Paul Muntean, Vasantha Kommanapalli, Andreas Ibing, Claudia Eckert

Erschienen in: Computer Safety, Reliability, and Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In many C programs, debugging requires significant effort and can consume a lot of time. Even if the bug’s cause is known, detecting a bug in such programs and generating a bug fix patch manually is a tedious task. In this paper, we present a novel approach used to generate bug fixes for buffer overflow automatically using static execution, code patch patterns, quick fix locations, user input saturation and Satisfiability Modulo Theories (SMT). The generated patches are syntactically correct, can be semi-automatically inserted into code and do not need additional human refinement. We evaluated our approach on 58 C open source programs contained in the Juliet test suite and measured an overhead of 0.59 % with respect to the bug detection time. We think that our approach is generalizable and can be applied with other bug checkers that we developed.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Source-Code-to-Object-Code Traceability Analysis for Avionics Software: Don’t Trust Your Compiler

Nächstes Kapitel A Software-Based Error Detection Technique for Monitoring the Program Execution of RTUs in SCADA

Aho, A.V., et al.: A minimum-distance error-correcting parser for context-free languages. SIAM J. Comput. 1(4), 305–312 (1972)MathSciNetCrossRefMATH

Chen, L., et al.: R2Fix: automatically generating bug fixes from bug reports. In: Proceedings of the 2013 IEEE 6th ICST

Crispin, C., et al.: StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the 7th USENIX SSYM 1998

Crispin, C., et al.: Buffer overflows: attacks and defenses for the vulnerability of the decade*. In: DARPA Discex 2000

de Moura, L., Bjørner, N.S.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008) CrossRef

Deepak, G., et al.: TIED, LibsafePlus: tools for runtime buffer overflow protection. In: Proceedings of the 13th Conference on USENIX Security Symposium, SSYM 2004

DeMarco, F., et al.: Automatic repair of buggy if conditions and missing preconditions with SMT. In: Proceedings of the CSTVA 2014

Demsky, B., Rinard, M.: Automatic detection and repair of errors in data structures. In: Proceedings of the ACM SIGPLAN OOPSLA 2003

Emery, D.B.: HeapShield: library-based heap overflow protection for free. UMass CS TR 06-28 (2006)

10.

Gu, Z., et al.: Has the bug really been fixed? In: Proceedings of the ICSE 2010

11.

Haddad, H.M., Shahriar, H.: Rule-based source level patching of buffer overflow vulnerabilities. In: Proceedings of the 10th ITNG 2013

12.

Harrold, M.J., et al.: Fault prediction, localization, and repair. Dagstuhl Seminar 13061, February 2013

13.

Ibing, A.: SMT-constrained symbolic execution for eclipse CDT/Codan. In: Proceedings of the 3th WS-FMDS 2013

14.

Ibing, A.: Path-sensitive race detection with partial order reduced symbolic execution. In: Canal, C., Idani, A. (eds.) SEFM 2014 Workshops. LNCS, vol. 8938, pp. 311–322. Springer, Heidelberg (2015)

15.

Ibing, A., Mai, A.: A fixed-point algorithm for automated static detection of infinite loops. In: Proceedings of the 16th IEEE HASE 2015

16.

Jacobs, M., Lewis, E.C.: SMART C: a semantic macro replacement translator for C. In: Proceedings of the Sixth IEEE SCAM 2006

17.

Jin, H., et al.: SafeStack: automatically patching stack-based buffer overflow vulnerabilities. IEEE Trans. Dependable Secure Comput. 10(6), 368–379 (2013)CrossRef

18.

Kim, D., et al.: Automatic patch generation learned from human-written patches. In: Proceedings of the International Conference on Software Engineering, ICSE 2013

19.

Le Goues, C., et al.: Genprog: a generic method for automatic software repair. IEEE Trans. Softw. Eng. 38(1), 54–72 (2012)CrossRef

20.

Lin, Z.: LibsafeXP: a practical and transparent tool for run-time buffer overflow preventions. In: Proceedings of the 7th Annual IEEE Information Assurance Workshop, IAW 2006

21.

Lin, Z., et al.: AutoPaG: towards automated software patch generation with source code root cause identification and repair. In: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS 2007

22.

Mitre: CWE-121. http://cwe.mitre.org/data/definitions/121.html

23.

Mitre: 2011 CWE/SANS Top 25. http://cwe.mitre.org/top25/

24.

Mitre: Heartbleed Bug. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

25.

Monperrus, M.: A critical review of automatic patch generation learned from human-written patches: essay on the problem statement and the evaluation of automatic software repair. In: Proceedings of the 36th International Conference on Software Engineering, ICSE 2014

26.

Muntean, P., et al.: Context-sensitive detection of information exposure bugs with symbolic execution. In: Innovative Software Development Methodologies and Practices, InnoSWDev 2014

27.

NIST: Juliet Test Suite v1.2 for C/C++

28.

Satish, C., et al.: SemFix: program repair via semantic analysis. In: Proceedings of the International Conference on Software Engineering, ICSE 2013, pp. 772–781

29.

Sauciuc, R., Necula, G.: Reverse execution with constraint solving. Technical report No. UCB/EECS-2011-67, May 2011

30.

Shaw, A., et al.: Automatically fixing C buffer overflows using program transformations. In: Proceedings of the IEEE/IFIP Conference on Dependable Systems and Networks, DSN 2013

31.

Sidiroglou, S., Giovanidis, G., Keromytis, A.D.: A dynamic mechanism for recovering from buffer overflow attacks. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 1–15. Springer, Heidelberg (2005) CrossRef

32.

Smirnov, A., et al.: Automatic patch generation for buffer overflow attacks. In: Proceedings of the Third International Symposium on Information Assurance and Security, IAS 2007, pp. 165–170

33.

Westley, W.: Patches as better bug reports. In: International Conference on Generative Programming and Component Engineering, GPCE 2006

34.

Westley, W., et al.: Automatically finding patches using genetic programming\(^*\). In: International Conference on Software Engineering, ICSE 2009

Titel: Automated Generation of Buffer Overflow Quick Fixes Using Symbolic Execution and SMT
verfasst von: Paul Muntean
Vasantha Kommanapalli
Andreas Ibing
Claudia Eckert
Verlag: Springer International Publishing
Buch: Computer Safety, Reliability, and Security
Print ISBN: 978-3-319-24254-5

Electronic ISBN: 978-3-319-24255-2

Copyright-Jahr: 2015
DOI: https://doi.org/10.1007/978-3-319-24255-2_32

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"