Efficiently computing static single assignment form and the control dependence graph
ACM Transactions on Programming Languages and Systems (TOPLAS)
Advanced compiler design and implementation
Advanced compiler design and implementation
Proceedings of the ACM SIGPLAN 1999 conference on Programming language design and implementation
Pointer analysis: haven't we solved this problem yet?
PASTE '01 Proceedings of the 2001 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Flow-sensitive type qualifiers
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs
CC '02 Proceedings of the 11th International Conference on Compiler Construction
Synthesis of saturation arithmetic architectures
ACM Transactions on Design Automation of Electronic Systems (TODAES)
ICSE '81 Proceedings of the 5th international conference on Software engineering
LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation
Proceedings of the international symposium on Code generation and optimization: feedback-directed and runtime optimization
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
DART: directed automated random testing
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
CUTE: a concolic unit testing engine for C
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Compilers: Principles, Techniques, and Tools (2nd Edition)
Compilers: Principles, Techniques, and Tools (2nd Edition)
EXE: automatically generating inputs of death
Proceedings of the 13th ACM conference on Computer and communications security
Non-control-data attacks are realistic threats
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
PAriCheck: an efficient pointer arithmetic checker for C programs
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Dynamic test generation to find integer bugs in x86 binary linux programs
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Using type qualifiers to analyze untrusted integers and detecting security flaws in c programs
DIMVA'06 Proceedings of the Third international conference on Detection of Intrusions and Malware & Vulnerability Assessment
| Hi-index | 0.00 |
One of the top two causes of software vulnerabilities in operating systems is the integer overflow. A typical integer overflow vulnerability is the Integer Overflow to Buffer Overflow IO2BO for short vulnerability. IO2BO is an underestimated threat. Many programmers have not realized the existence of IO2BO and its harm. Even for those who are aware of IO2BO, locating and fixing IO2BO vulnerabilities are still tedious and error-prone. Automatically identifying and fixing this kind of vulnerability are critical for software security. In this article, we present the design and implementation of IntPatch, a compiler extension for automatically fixing IO2BO vulnerabilities in C/C++ programs at compile time. IntPatch utilizes classic type theory and a dataflow analysis framework to identify potential IO2BO vulnerabilities, and then uses backward slicing to find out related vulnerable arithmetic operations, and finally instruments programs with runtime checks. Moreover, IntPatch provides an interface for programmers who want to check integer overflows manually. We evaluated IntPatch on a few real-world applications. It caught all 46 previously known IO2BO vulnerabilities in our test suite and found 21 new bugs. Applications patched by IntPatch have negligible runtime performance losses which are on average 1%.