Title :
Static Analysis of Format String Vulnerabilities
Author :
Han, Wei ; Ren, Mengfei ; Tian, Shuo ; Ding, Liping ; He, Yeping
Author_Institution :
Grad. Sch. of Chinese Acad. of Sci., Beijing, China
Abstract :
This paper presents a novel approach, based on static analysis, to detect format string vulnerabilities in C programs. Format string vulnerability is viewed as a finite state safety property. The analysis is expressed as a system of constraint describing how the safety state at one program point is related to the state at adjacent program points. Our analysis is inter-procedurally flow sensitive and intra-procedurally path sensitive. To avoid state space explosion in inter-procedural analysis, we use procedural summary instead of analyzing the called function holistically. The experimental results show that this method can effectively locate format string vulnerabilities in C programs. In comparison with other static approaches, ours can greatly reduce false positive.
Keywords :
program diagnostics; C program; finite state safety property; format string vulnerability; interprocedural analysis; procedural summary; static analysis; Analytical models; Computational modeling; Educational institutions; Runtime; Safety; Software; Testing; constraint solving; flow sensitive analysis; format string vulnerability; path sensitive analysis; static analysis;
Conference_Titel :
Software and Network Engineering (SSNE), 2011 First ACIS International Symposium on
Conference_Location :
Seoul
Print_ISBN :
978-1-4673-0349-1
DOI :
10.1109/SSNE.2011.9
