Proceedings of the Institute for System Programming of the RAS
Proceedings of the Institute for System Programming of the RAS, 2015, Volume 27, Issue 2, Pages 105–126
DOI: https://doi.org/10.15514/ISPRAS-2015-27(2)-7
(Mi tisp125)
 

This article is cited in 2 scientific papers (total in 2 papers)

Memory violation detection method in binary code

V. V. Kaushan, A. Yu. Mamontov, V. A. Padaryan, A. N. Fedotov

Institute for System Programming of the Russian Academy of Sciences
Abstract: This paper considers a method for detecting memory violations. The method is applied to program binaries and requires no debug information. It finds memory violations such as out-of-bounds reads and writes. The technique is based on dynamic analysis and symbolic execution. Instead of representing the input buffer as a symbolic variable of fixed size, we track only a prefix of the buffer symbolically, together with a special symbolic variable that represents the length of the input buffer. The symbolic length variable makes it possible to interpret functions with known semantics, such as string library or memory allocation functions. While interpreting these functions with symbolic length variables, we assert constraints on buffer bounds, and those constraints let us find memory violations. If a violation is located, concrete values of the buffer prefix and the final input buffer length are provided. To apply this method to binary code, buffer bounds have to be recovered, so we developed methods that recover buffer bounds in heap and stack memory. We present a tool implementing the method. We used this tool to find 11 bugs in Linux and Windows programs, 7 of which were undocumented at the time this paper was written. The tool was also able to detect the known Heartbleed vulnerability, which simple fuzzers could not find because it causes no crash.
Keywords: bug finding, symbolic execution, binary code, dynamic analysis.
Document Type: Article
Language: Russian
Citation: V. V. Kaushan, A. Yu. Mamontov, V. A. Padaryan, A. N. Fedotov, “Memory violation detection method in binary code”, Proceedings of ISP RAS, 27:2 (2015), 105–126
Citation in format AMSBIB
\Bibitem{KauMamPad15}
\by V.~V.~Kaushan, A.~YU.~Mamontov, V.~A.~Padaryan, A.~N.~Fedotov
\paper Memory violation detection method in binary code
\jour Proceedings of ISP RAS
\yr 2015
\vol 27
\issue 2
\pages 105--126
\mathnet{http://mi.mathnet.ru/tisp125}
\crossref{https://doi.org/10.15514/ISPRAS-2015-27(2)-7}
\elib{https://elibrary.ru/item.asp?id=23827849}
Linking options:
  • https://www.mathnet.ru/eng/tisp125
  • https://www.mathnet.ru/eng/tisp/v27/i2/p105