By The Source To Check The Buffer Overflow Vulnerability

In a long period, the goal of checking source program was just to find syntax errors and mark position of them. Along with the growth of the scale of software, more and more people have cognizance of the important of software security. If software has a vulnerability that can be exploited, especially this software is been as a network service, it will cause a very serious security problem. Until to now, the goal of checking source program has a new context - find the vulnerabilities in software and point it out.After analyzing the mechanism of buffer-overflow vulnerabilities and the way for them carefully, the paper presents a new source program checking system which is made of two layer checking subsystem, include such as type-based check, static scan, dynamic scan (fault injection) techniques. This system can be used in the process of software developing or used at the end of process. At different phase, the system can do real-time checking or afterwards complete scan.The whole system is tested by analyzing the some modern network services, and the result of test shown the system has a good performance at cover rate for all kinds of types vulnerabilities.At the. end of the paper, we discuss the newest result in source program scan and give the future goal of the work.