关键词: 安全分析 缓冲区溢出 静态检测算法 需求驱动 流敏感

Abstract:

This paper proposes a flow-sensitive algorithm to detect buffer overruns statically. Using control flow and data flow analysis with demand-driven tech niques, it builds the linear constraints of statements that access memory or call a function, and transforms the problem of buffer overrun detection int o the problem of linear constraint resolution. Based on the algorithm, we implement a prototype. Experimental results show the prototype is accurate andefficient in identifying vulnerabilities.

Key words: analysis for security;buffer overrun;static detection algorithm;demand-driven;flow-sensitive