Automatic generation of assertions to detect potential security vulnerabilities in C programs that use union and pointer types
| Contributor(s) | Xiang, Yang; Samarati, Pierangela; Hu, Jiankun; Zhou, Wanlei; Sadeghi, Ahmad-Reza |
|---|---|
| Date(s) | 05/05/2010 |
| Abstract | Type unions, pointer variables and function pointers are a long standing source of subtle security bugs in C program code. Their use can lead to hard-to-diagnose crashes or exploitable vulnerabilities that allow an attacker to attain privileged access over classified data. This paper describes an automatable framework for detecting such weaknesses in C programs statically, where possible, and for generating assertions that will detect them dynamically, in other cases. Exclusively based on analysis of the source code, it identifies required assertions using a type inference system supported by a custom made symbol table. In our preliminary findings, our type system was able to infer the correct type of unions in different scopes, without manual code annotations or rewriting. Whenever an evaluation is not possible or is difficult to resolve, appropriate runtime assertions are formed and inserted into the source code. The approach is demonstrated via a prototype C analysis tool. |
| Format | application/pdf |
| Identifier | |
| Publisher | IEEE Computer Society |
| Relation | http://eprints.qut.edu.au/38549/3/38549a.pdf http://anss.org.au/nss2010/index.htm Ahmad Khalid, Shamsul K., Zimmermann, Jacob, Fidge, Colin J., & Corney, Diane (2010) Automatic generation of assertions to detect potential security vulnerabilities in C programs that use union and pointer types. In Xiang, Yang, Samarati, Pierangela, Hu, Jiankun, Zhou, Wanlei, & Sadeghi, Ahmad-Reza (Eds.) Proceedings of 2010 Fourth International Conference on Network and System Security, IEEE Computer Society, Melbourne, pp. 351-357. http://purl.org/au-research/grants/ARC/LP0776344 |
| Rights | Copyright 2010 IEEE Computer Society Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. |
| Source | Computer Science; Faculty of Science and Technology; Information Security Institute |
| Keywords | #080303 Computer System Security #080308 Programming Languages #program analysis #runtime assertions #polymorphic types #C |
| Type | Conference Paper |