BUFFER OVERFLOW VULNERABILITY ANALYSIS METHOD, DATA PROCESSOR, ANALYSIS INFORMATION PROVIDING DEVICE, PROGRAM FOR EXTRACTING ANALYSIS INFORMATION, AND PROGRAM FOR PROVIDING ANALYSIS INFORMATION

摘要

PPROBLEM TO BE SOLVED: To provide a technology allowing rapid correction of a program source and rapid application of a correction patch which are fundamental measures against buffer overflow. PSOLUTION: When occurrence of a buffer overflow attack is detected, information on a place where an attacked buffer exists and information on a function securing the buffer are extracted as analysis information to be provided to a program developer. Additionally, when information on call history of the function from the buffer securement to buffer overflow attack can be extracted, the information is extracted. On receiving the analysis information, the program developer corrects the program and creates measures information, so that the measures information is stored in an existing analysis information storage means in a form corresponding to the analysis information. When the extracted analysis information is stored in the existing analysis information storage means, measures processing against the buffer overflow attack are executed based on the measures information corresponding to the analysis information. PCOPYRIGHT: (C)2006,JPO&NCIPI