Static Analysis Method for Detecting Buffer Overflow Vulnerabilities

摘要

In this paper, a new static method for automated detection of vulnerabilities that could result in buffer overflows in programs is suggested. The problem of the software defense against threads related to buffer overflows is very important one. Currently, there does not exist satisfactory approaches to its solution. The existing dynamic methods make it possible to avoid incorrect execution for certain classes of programs. The basic disadvantage of these methods is that the procedure of the error detection after the session of tests is very involved. Moreover, they do not guarantee that the results obtained are correct. Static analysis methods are, as a rule, lexical scanners and do not thoroughly analyze the execution of the program, as well as its memory content (e.g., arrays, variables, and the like). The objective of the suggested method is to improve situation in this field and facilitate the audit of a program code by the programmer.