Title :
Automatic Generation of Assertions to Detect Potential Security Vulnerabilities in C Programs That Use Union and Pointer Types
Author :
Khalid, Shamsul Kamal Ahmad ; Zimmermann, Jacob ; Corney, Diane ; Fidge, Colin
Author_Institution :
Queensland Univ. of Technol., Brisbane, QLD, Australia
Abstract :
Type unions, pointer variables and function pointers are a long standing source of subtle security bugs in C program code. Their use can lead to hard-to-diagnose crashes or exploitable vulnerabilities that allow an attacker to attain privileged access over classified data. This paper describes an automatable framework for detecting such weaknesses in C programs statically, where possible, and for generating assertions that will detect them dynamically, in other cases. Exclusively based on analysis of the source code, it identifies required assertions using a type inference system supported by a custom made symbol table. In our preliminary findings, our type system was able to infer the correct type of unions in different scopes, without manual code annotations or rewriting. Whenever an evaluation is not possible or is difficult to resolve, appropriate runtime assertions are formed and inserted into the source code. The approach is demonstrated via a prototype C analysis tool.
Keywords :
C language; program debugging; security of data; C program code; automatic generation; function pointers; pointer variables; potential security vulnerabilities; subtle security bugs; type unions; Compounds; Concrete; Instruments; Kernel; Linux; Runtime; Security; C; polymorphic types; program analysis; runtime assertions;
Conference_Titel :
Network and System Security (NSS), 2010 4th International Conference on
Conference_Location :
Melbourne, VIC
Print_ISBN :
978-1-4244-8484-3
Electronic_ISBN :
978-0-7695-4159-4
DOI :
10.1109/NSS.2010.63
