Title :
Research on Buffer Overflow Test Based on Invariant
Author :
Zeng, Fanping ; Chen, Minghui ; Yin, Kaitao ; Wang, Xufa
Author_Institution :
Dept. of Comput., Univ. of Sci. & Technol. of China, Hefei, China
Abstract :
Buffer overflow (BOF) is one of the major vulnerabilities that lead to non-secure software. Testing an implementation for BOF vulnerabilities is challenging because the underlying causes of buffer overflow vary widely. This paper presents a novel BOF test method for the ANSI C language, which uses program instrumentation and mutation test technology to test for BOF vulnerabilities, based on an analysis of the invariants for BOF vulnerabilities. The implementation shows that it can check for attacks on BOF vulnerabilities adequately and accurately, without large losses in performance.
Keywords :
C language; buffer storage; program testing; ANSI C language; BOF vulnerabilities; buffer overflow test; mutation test technology; nonsecure software; program instrumentation; Buffer overflow; Genetic mutations; Information technology; Instruments; Monitoring; Performance loss; Probes; Runtime; Software libraries; Software testing; buffer overflow; invariant; mutation test; program instrumentation;
Conference_Title :
Computer and Information Technology, 2009. CIT '09. Ninth IEEE International Conference on
Conference_Location :
Xiamen
Print_ISBN :
978-0-7695-3836-5
DOI :
10.1109/CIT.2009.90