
Based On Static Analysis Of Stack Buffer Overflow Vulnerability To Auto-discover The Model

Posted on: 2008-05-21
Degree: Master
Type: Thesis
Country: China
Candidate: W J Xiang
Full Text: PDF
GTID: 2208360215450257
Subject: Computer application technology
Abstract/Summary:
Buffer overflow has been the most common form of security vulnerability. According to CERT/CC (Computer Emergency Response Team/Coordination Center) statistics from recent years, buffer overflows account for about 50% or more of all vulnerabilities. The buffer overflow problem is typical of older programming languages such as C and C++, whereas it cannot arise in the newer generation of languages such as Java and C#. The most important reason is that C and C++ allow indirect access to memory locations through pointers without bounds checking, and their libraries contain many unsafe functions that may cause buffer overflows; the Windows operating system also provides some similarly unsafe functions. If effective means of detecting this kind of security vulnerability can be adopted, the security of software systems will no doubt be greatly enhanced.

Detecting possible buffer overflows in a program is a difficult and time-consuming task. Current detection methods are generally divided into two kinds, dynamic and static, and the difficulty of detection can be alleviated to a certain extent by using static and dynamic software analysis tools.

This thesis presents research focused on the fundamental issues surrounding the buffer overflow vulnerability and on some typical methods and tools used for buffer overflow detection. On the basis of analyzing several open-source, source-code-based tools and of taking part in the development of a source-code-based scanning tool, a new static method for detecting buffer overflows is proposed: analyze the operational semantics of the disassembled binary code, extract the information relevant to buffer overflows by syntactic analysis, and then proceed with the analysis from a set of so-called "dangerous functions". On this basis, we implement a prototype system which, in experiments, can locate certain types of buffer overflow vulnerabilities.

Considering the heavy workload of a complete implementation, we take no account of complicated data structures, control flow, etc. The static detection method proposed in this thesis is based on the disassembled binary code, so in fact it can also be considered a source-code-based static detection method. However, the method is performed on a released program, a different approach from the many previous studies that focus on static analysis of source code, so it can serve as a means of supporting the main detection methods.
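As an added illustration of the detection step the abstract describes (example code written for this page, not the thesis's prototype): a purely syntactic scan over a disassembly listing that starts from a set of "dangerous functions" and reports each call whose destination argument is a stack buffer, together with the buffer's distance to the saved frame pointer. The listing, the dangerous-function table and the cdecl argument convention are assumptions, and, like the prototype the abstract mentions, the scan ignores control flow and data structures.

```python
import re

# The "dangerous functions" the scan starts from (an assumed list); the value is
# the position of the destination buffer among the arguments, assuming cdecl.
DANGEROUS = {"strcpy": 0, "strcat": 0, "sprintf": 0, "gets": 0}

LEA_RE = re.compile(r"lea\s+(\w+),\s*\[ebp-0x([0-9a-f]+)\]", re.I)
PUSH_RE = re.compile(r"push\s+(\w+)", re.I)
CALL_RE = re.compile(r"call\s+(\w+)", re.I)

def find_stack_overflows(listing):
    """One finding per dangerous call whose destination is a stack buffer.

    Purely syntactic: 'lea reg, [ebp-N]' marks reg as a local buffer N bytes
    below the saved frame pointer, pushes are collected until the next call
    (cdecl pushes right to left), and control flow is ignored.
    """
    findings, buf_of, pushes = [], {}, []
    for lineno, line in enumerate(listing.splitlines(), 1):
        text = line.split(";")[0]                  # drop disassembler comments
        if m := LEA_RE.search(text):
            buf_of[m.group(1).lower()] = int(m.group(2), 16)
        elif m := PUSH_RE.search(text):
            pushes.append(m.group(1).lower())
        elif m := CALL_RE.search(text):
            dest_idx = DANGEROUS.get(m.group(1))
            if dest_idx is not None and len(pushes) > dest_idx:
                dest = pushes[-1 - dest_idx]       # argument i: (i+1)-th push from the end
                if dest in buf_of:
                    findings.append({"line": lineno, "callee": m.group(1),
                                     "dest": f"[ebp-0x{buf_of[dest]:x}]",
                                     "bytes_to_saved_ebp": buf_of[dest]})
            pushes.clear()
            buf_of.clear()   # register contents are not trusted across a call
    return findings

# Constructed disassembly (Intel syntax), not from the thesis: a caller-supplied
# string is copied into a 64-byte local buffer with an unbounded strcpy.
SAMPLE = """\
copy_name:
    push ebp
    mov ebp, esp
    sub esp, 0x40            ; 64-byte local buffer
    mov eax, [ebp+0x8]       ; source: caller-controlled string
    push eax
    lea ecx, [ebp-0x40]      ; destination: local buffer
    push ecx
    call strcpy              ; no length bound: reported
"""
```

Running `find_stack_overflows(SAMPLE)` yields a single finding for the `strcpy` call, naming `[ebp-0x40]` as a 64-byte stack buffer that an unbounded copy can overrun.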
Keywords/Search Tags: buffer overflow, stack overflow, static analysis, binary code