
Research On Detection And Mining Methods Of UAF Vulnerability Based On Fine-grained Memory Permission Management

Posted on: 2019-05-21
Degree: Master
Type: Thesis
Country: China
Candidate: R Wang
GTID: 2428330626952087
Subject: Computer Science and Technology
Abstract/Summary:
The UAF (Use-After-Free) vulnerability is a type of heap vulnerability that can be exploited on its own or in combination with other stack/heap vulnerabilities. In most cases it causes serious damage such as data leakage, data tampering, and control-flow hijacking. Because of challenges such as loop handling, memory description, and path coverage, static detection has relatively high false-negative and false-positive rates. Dynamic defense methods focus on dangling-pointer nullification, but they still face two major problems. On the one hand, the lack of pointer information leads to a high false-negative rate. On the other hand, nulling the pointer changes the program logic, resulting in a high false-positive rate. To this end, this paper proposes a UAF vulnerability detection method based on fine-grained memory permission management, called RPMC (Runtime Pointer and Memory Checker). Using an efficient data structure, RPMC maintains pointer-to-memory permissions at runtime and checks the relationship between a pointer and its memory before each operation, eliminating UAF vulnerabilities caused by pointer abuse and accurately identifying the vulnerability point. Based on the characteristics of RPMC, this paper further presents the design of a vulnerability mining method that combines symbolic execution and fuzzing. The experimental results show that RPMC can accurately detect and defend against three types of UAF vulnerabilities and can report the precise vulnerability location and memory state. At the same time, the time cost of RPMC at compile, link and run time stays within a reasonable range, meeting the program's runtime efficiency requirements.
Keywords/Search Tags: UAF vulnerability detection and mining, Fine-grained memory access control, Symbolic execution, Fuzzing test
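As an added illustration of the idea the abstract describes (hypothetical code written for this page, not RPMC's implementation; the block/pointer records, the chk_* functions and the generation scheme are my own assumptions), a small C checker that tracks pointer-to-memory permissions at runtime and rejects a use or free through a stale pointer, including an alias that plain pointer nullification would have missed:

```c
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical simplified checker in the spirit of the abstract (not RPMC's own
 * code): each heap block has a permission record with a generation counter and
 * each tracked pointer remembers the generation it was derived from. Access is
 * allowed only if the block is live and generations match, so every alias of a
 * freed block is caught, not only the variable a nullifying defense cleared. */
#define MAX_BLOCKS 64
typedef struct { void *base; size_t size; unsigned gen; int live; } block_t;
typedef struct { block_t *blk; unsigned gen; } tptr_t;      /* tracked pointer */
static block_t blocks[MAX_BLOCKS]; static int nblocks;
tptr_t chk_malloc(size_t n) {
    block_t *b = NULL;
    for (int i = 0; i < nblocks && !b; i++)      /* reuse a dead record: the   */
        if (!blocks[i].live) b = &blocks[i];     /* generation bump still lets */
    if (!b) b = &blocks[nblocks++];              /* stale aliases be detected  */
    b->base = malloc(n); b->size = n; b->live = 1; b->gen++;
    return (tptr_t){ b, b->gen };
}
static int stale(const tptr_t *p) { return !p->blk->live || p->gen != p->blk->gen; }
/* 1 on success, 0 if the pointer no longer owns its block (double/invalid free). */
int chk_free(const tptr_t *p, const char *where) {
    if (stale(p)) { fprintf(stderr, "invalid free via stale pointer at %s\n", where); return 0; }
    free(p->blk->base); p->blk->base = NULL; p->blk->live = 0; p->blk->gen++;
    return 1;
}
/* 1 if [off, off+len) may be accessed through p, 0 on use-after-free or OOB. */
int chk_access(const tptr_t *p, size_t off, size_t len, const char *where) {
    if (stale(p)) {
        fprintf(stderr, "use-after-free at %s (block gen %u, pointer gen %u)\n",
                where, p->blk->gen, p->gen);
        return 0;
    }
    if (off + len > p->blk->size) { fprintf(stderr, "OOB at %s\n", where); return 0; }
    return 1;
}
/* Demo: alias outlives free(p); its record is even reused by q, yet alias is caught. */
int demo_uaf(void) {
    tptr_t p = chk_malloc(16), alias = p;
    chk_free(&p, "demo_uaf");
    tptr_t q = chk_malloc(16);                           /* same record, gen+1   */
    int ok_q = chk_access(&q, 0, 16, "demo_uaf:q");      /* 1: fresh pointer     */
    int ok_alias = chk_access(&alias, 0, 4, "demo_uaf:alias"); /* 0: dangling    */
    chk_free(&q, "demo_uaf");
    return ok_q && !ok_alias;                            /* 1: both verdicts right */
}
int demo_double_free(void) {
    tptr_t p = chk_malloc(8), alias = p;
    chk_free(&p, "demo_double_free");
    return chk_free(&alias, "demo_double_free");         /* 0: second free rejected */
}
```

The diagnostic names the access site and both generation numbers, which is the kind of vulnerability location and memory state the abstract says RPMC reports.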