Automatically Repairing Stripped Executables with CFG Microsurgery

BINSURGEON is a binary rewriting system that enhances stripped binary executables with repairs, defenses, and additional functionality. This involves making space-consuming changes to the program´s control flow graph (CFG), recomputing instruction content, and relocating instructions, all while preserving functionality in the remainder of the program´s control flow. BINSURGEON uses extendable rewrite templates that enable other systems to specify and parameterize program modifications, which allows BINSURGEON to be a fully-automatic component of a larger system. In this paper, we describe BINSURGEON in the context of the FUZZBOMB automated program analysis and repair system. We outline BIN Surgeon´s general binary rewriting algorithm for modifying CFGs according to FUZZ Bomb´s rewrite templates. We also review some of FUZZ Bomb´s rewrite templates to demonstrate the diverse repair and defense strategies -- including stack protection, heap protection, CFI, pointer-checking, and more -- that are implemented by BINSURGEON to harden and repair vulnerable binaries.