| Nowadays, the buffer overflow is the most security problem in software industry. There are two reasons why the buffer overflow is caused. When the programmers forget to check the boundary of buffers or use some standard C/C++library strings (or memory) functions, which don’t check the boundary of buffers, the buffer overflow vulnerabilities would appear.This thesis firstly improves the theory of buffer overflow detection, and expands the set of code type which may cause buffer overflow, and summarize the characteristics of different code types, and the reason why they cause buffer overflow. This paper uses these code types for buffer overflow vulnerabilities static detection and matching, and combines it with the dynamic testing: firstly, a unit test case is constructed; then it runs, and its input and output is recorded, and we apply linear regression analysis for the input and output data to determine whether there are buffer overflow vulnerabilities. This thesis combines the static detection theory with the dynamic detection theory, and designs and implements a checking tool of buffer overflow detection, which is called BugExcavator. A special data structure is designed, which makes the two parts communicate and work with each other. Finally the checking tool can detect most of the buffer overflow vulnerabilities.Finally the experimental results show that the checking tool which is designed and implemented in the thesis can effectively detect kinds of buffer overflow problems in source code, and it improves the accuracy of buffer overflow detection with keeping the satisfying efficiency. So this research has certain significance of reality. |
PDF Full Text Request