| C is a widely used programming language,and it still learned by programmers all these years.Because it is base oriented,it is easily utilized by attackers. Vulnerabilities in C pograms can be divided as two categories,one is caused by C library functions and the other is caused by user defined functions.We should apply different strategy to detect these two kind of vulnerabilities to improve quality.Special grammar increase the complexity of analyzing C program,such as implicit type conversion,overlapping memory,etc. Type promotion will be done when different basic types participate in computation. And it changes value of varibles.Flexible memory accesses makes it possible that memory region of different variables may overlap. So writing to one of them will have to update other variables.We use static analysis to detect C vulnerabilities. Static analysis is to perform security detection without running the code,it contains many techniques,such as control flow analysis,data flow analysis,constant proparation and pointer analysis.These analysis use Intermediate Representation(IR) as input.After lexical analysis and syntax analysis,source code can be transformed to abstract syntax tree(AST). Traversing AST,IR is constructed.Loop analysis based on landmark deduction is quicker than merely use widden operation. And bidirectional data flow improve the accuracy utilizing data dependence.Flow sensitive and context sensitive pointer analysis is inefficient,but it is more precise.Combining accurate loop analysis and pointer analysis,we can detect more C vulnerabilities. |
PDF Full Text Request