Software Memory Vulnerability Detection Based On Static Analysis

With the rapid development of mobile Internet, more and more software has been applied in our lives,and the security of the software has been an urgent problem to be solved. In C language such as the explicit allocation and the release of memory programming language, such as C language, memory security vulnerability detection has beenthe difficulties and priorities of C language software testing. However, the current static detectors generally have a high false positive rate. Because of the limited ability of the current symbol execution engine to perform the simulation of the memory model, it can not represent the relationship of the memory hierarchy and the storage relationship of the complex data structure,resulting in insufficient information of the static detector and too many false positive.In this thesis, a hierarchical memory model is proposed to solve the problem that the static detection system can not fully represent the data structure of complex C language. Based on this model, a set of static detection framework is constructed. It is used to detect memory leak and memory overflow security vulnerabilities. The main work of this thesisis as follows:(1) Comparing the advantages and disadvantages of all kinds of mainstream memory model algorithms in symbolic execution memory model in static detection system, a new memory model which can express memory hierarchy relation is proposed to improve the detection efficiency of static detection system.(2) On the basis of the new memory model, a set of static detection system was designed to detect the memory security vulnerabilities in the program, including memory leak, array access crossing, buffer overflow and so on. The system uses symbolic execution technology and memory model algorithm to build a static detection framework which can be configured and expandable and can add custom detectors for memory vulnerability detection.(3) Through analyzing the characteristics of memory security vulnerabilities and the scene of occurrence, we designed and implemented a memory leak detector and memory access, cross-border vulnerability detector, and used these detectors to test the test case code and the actual project code respectively.(4) Compare the test results of the test cases with those of other static memory vulnerability detection tools to analyze the advantages and disadvantages of the new memory models. Experimental results show that the new hierarchical memory model can reduce the false alarm rate of the static detector detection by 40%.