| With the development of networks, softwares have been developed raplidly.It has been widely used in every fields of society.In the same time,there are plenty of security flaws in the program. Buffer overflow is the obvious one.This thesis is in the point view of the compiler. Having depth analysis on the static test and dynamic test, it proposes detection method which is combination of both methods.After drawing on paris of interger and modeling analysis methods, this thesis presents a point of view which bind the buffers with two properties name alloc and len.Alloc represents the buffer space allocated .In general, it is gained by a character array and a character pointer.Len represents the possibility of the use of space in this buffer zone.This thesis track each of the two properties named alloc and len.The thesis will take some steps to achieve this goal. Firstly, it achieve the the dual stack which separate the local variables to another new stack. Secondly, in the new stack, it insert a flag before local variables are pushed in it. Last but not the least, before the end of the function, the test whether the flag has been changed should be taken.This prevents the coverage of local variable between functions.By modifying the GCC front-end parsing of documents to extract the relevant attribute information,the thesis complete the static test in function calls and assignment statements.Experiments show that it can test a simple pointer operations caused by buffer overflow issues. By modifying the GCC RTL intermediate structure and multiple front-end documents, dynamic test gained the result. Experiments show that it can terminate the program when buffer overflow occurs.In addition, local variables can also be reordered.As the time constraints, the thesis don't finish the experiment about it. |
PDF Full Text Request