File Parsing Vulnerability Detection with Symbolic Execution

2012 Sixth International Symposium on Theoretical Aspects of Software Engineering Pub Date : 2012-07-04 DOI:10.1109/TASE.2012.13

Chaojian Hu, Zhoujun Li, Jinxin Ma, Tao Guo, Zhiwei Shi

{"title":"File Parsing Vulnerability Detection with Symbolic Execution","authors":"Chaojian Hu, Zhoujun Li, Jinxin Ma, Tao Guo, Zhiwei Shi","doi":"10.1109/TASE.2012.13","DOIUrl":null,"url":null,"abstract":"Symbolic execution simulates program execution by replacing concrete values with symbolic variables for inputs. It could be used in software behavior analysis, vulnerability detection and software security assessment. In this paper, we analyze the path explosion problem encountered in vulnerability detection with the state-of-the-art symbolic execution technology for large scale file parsing programs. We also propose 4 alleviations to ease the problem, i.e. loop controlling, irrelevant path elimination, path selecting and parallel symbolic execution. Based on these alleviations, we implemented a prototype tool to detect file parsing vulnerability in large scale programs automatically, and evaluate it with a suit of benchmarks chosen from open source programs. Our tool detected not only all reported vulnerabilities of memory overflow in the benchmarks, but also some unreported vulnerabilities. The evaluation results show these alleviations could effectively ease the path explosion problem while analyzing large scale file parsing programs.","PeriodicalId":417979,"journal":{"name":"2012 Sixth International Symposium on Theoretical Aspects of Software Engineering","volume":"16 4 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Sixth International Symposium on Theoretical Aspects of Software Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TASE.2012.13","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

Abstract

Symbolic execution simulates program execution by replacing concrete values with symbolic variables for inputs. It could be used in software behavior analysis, vulnerability detection and software security assessment. In this paper, we analyze the path explosion problem encountered in vulnerability detection with the state-of-the-art symbolic execution technology for large scale file parsing programs. We also propose 4 alleviations to ease the problem, i.e. loop controlling, irrelevant path elimination, path selecting and parallel symbolic execution. Based on these alleviations, we implemented a prototype tool to detect file parsing vulnerability in large scale programs automatically, and evaluate it with a suit of benchmarks chosen from open source programs. Our tool detected not only all reported vulnerabilities of memory overflow in the benchmarks, but also some unreported vulnerabilities. The evaluation results show these alleviations could effectively ease the path explosion problem while analyzing large scale file parsing programs.

查看原文本刊更多论文

具有符号执行的文件解析漏洞检测

符号执行通过将输入的具体值替换为符号变量来模拟程序执行。它可用于软件行为分析、漏洞检测和软件安全评估。本文分析了基于符号执行技术的大型文件解析程序在漏洞检测中遇到的路径爆炸问题。本文还提出了循环控制、无关路径消除、路径选择和并行符号执行四种缓解方法。基于这些缓解，我们实现了一个原型工具来自动检测大型程序中的文件解析漏洞，并使用一套从开源程序中选择的基准来评估它。我们的工具不仅检测了基准测试中所有报告的内存溢出漏洞，还检测了一些未报告的漏洞。评价结果表明，在分析大型文件解析程序时，这些缓解措施可以有效地缓解路径爆炸问题。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2012 Sixth International Symposium on Theoretical Aspects of Software Engineering

自引率

0.00%

发文量