A Comprehensive Detection of Memory Corruption Vulnerabilities for C/C++ Programs


Abstract

Memory corruption bugs in software written in low-level languages like C or C++ are one of the oldest problems in computer security. These unsafe languages are vulnerable to errors relating to the misuse of memory, such as buffer overflows and use-after-free. Exploiting these vulnerabilities allows attackers to tamper with or even take full control of the program. In this paper, we propose a lightweight and comprehensive vulnerability detection approach for memory corruption defects in programs written in C or C++. The approach is based on identifying the unsafe operations in source code, including both invalid memory writes and reads. Supported by flow-sensitive points-to analysis with LLVM and Datalog, and by information extracted from the abstract syntax tree, our method can analyze the potential memory corruption vulnerabilities in the source code. We evaluate our approach against the SPEC 2006 benchmark suite and the Juliet test suite. We also show that the approach achieves high compatibility and reasonable overheads for detection.
