Abstract
Recently, Integer bugs have been increasing sharply and become the notorious source of bugs for various serious attacks. In this paper, we propose a tool, IntFinder, which can automatically detect Integer bugs in a x86 binary program. We implement IntFinder based on a combination of static and dynamic analysis. First, IntFinder decompiles a x86 binary code, and creates the suspect instruction set. Second, IntFinder dynamically inspects the instructions in the suspect set and confirms which instructions are actual Integer bugs with the error-prone input. Compared with other approaches, IntFinder provides more accurate and sufficient type information and reduces the instructions which will be inspected by static analysis. Experimental results are quite encouraging: IntFinder has detected the integer bugs in several practical programs as well as one new bug in slocate-2.7, and it achieves a low false positives and negatives. © 2009 Springer-Verlag.
Cite
CITATION STYLE
Chen, P., Han, H., Wang, Y., Shen, X., Yin, X., Mao, B., & Xie, L. (2009). IntFinder: Automatically detecting Integer bugs in x86 binary program. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5927 LNCS, pp. 336–345). https://doi.org/10.1007/978-3-642-11145-7_26
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
