Proceedings of the Institute for System Programming of the RAS
Proceedings of the Institute for System Programming of the RAS, 2018, Volume 30, Issue 3, Pages 7–20
DOI: https://doi.org/10.15514/ISPRAS-2018-30(3)-1
(Mi tisp321)
 

This article is cited in 1 scientific paper (total in 1 paper)

Dynamic detection of use after free bugs

S. A. Asryan (a), S. S. Gaysaryan (b, c, d, e), Sh. F. Kurmangaleev (d), A. M. Aghabalyan (f), N. H. Hovsepyan (f), S. S. Sargsyan (f)

a Institute for Informatics and Automation Problems of NAS RA
b Lomonosov Moscow State University
c Moscow Institute of Physics and Technology (State University)
d Ivannikov Institute for System Programming of the Russian Academy of Sciences
e National Research University Higher School of Economics (HSE)
f Yerevan State University
Abstract: The article describes a new method of use-after-free bug detection based on dynamic program analysis. In memory-unsafe programming languages such as C/C++, this class of bugs mainly occurs when a program tries to access an area of dynamically allocated memory that has already been freed. The method combines two basic components. The first component tracks all memory operations through dynamic binary instrumentation and searches for inappropriate memory accesses. It maintains two sets of memory addresses for all allocation and free instructions. Using both sets, this component checks whether the memory at the current address is accessible or has already been freed. The second component is based on dynamic symbolic execution and a code coverage algorithm. It is used to maximize the number of execution paths of the program. Starting from an initial input, it symbolically executes the target program and gathers input constraints from conditional statements. New inputs are generated by systematically solving the saved constraints with a constraint solver and are then sorted by the number of basic blocks they cover. The proposed method detects use-after-free bugs by applying the first component each time the second one opens a new path of the program. It was tested on our synthetic tests, which were created based on well-known use-after-free bug patterns. The method was also tested on a couple of real projects by injecting bugs at different levels of execution.
Keywords: program dynamic analysis, use after free bug, dynamic symbolic execution, code coverage, instrumentation.
Funding agency: Russian Foundation for Basic Research, grant number 17-01-00600
Document Type: Article
Language: Russian
Citation: S. A. Asryan, S. S. Gaysaryan, Sh. F. Kurmangaleev, A. M. Aghabalyan, N. H. Hovsepyan, S. S. Sargsyan, “Dynamic detection of use after free bugs”, Proceedings of ISP RAS, 30:3 (2018), 7–20
Citation in format AMSBIB
\Bibitem{AsrGayKur18}
\by S.~A.~Asryan, S.~S.~Gaysaryan, Sh.~F.~Kurmangaleev, A.~M.~Aghabalyan, N.~H.~Hovsepyan, S.~S.~Sargsyan
\paper Dynamic detection of use after free bugs
\jour Proceedings of ISP RAS
\yr 2018
\vol 30
\issue 3
\pages 7--20
\mathnet{http://mi.mathnet.ru/tisp321}
\crossref{https://doi.org/10.15514/ISPRAS-2018-30(3)-1}
\elib{https://elibrary.ru/item.asp?id=32663687}
Linking options:
  • https://www.mathnet.ru/eng/tisp321
  • https://www.mathnet.ru/eng/tisp/v30/i3/p7