SourceSnippet2Binary: A Method for Searching Vulnerable Source Code Snippets in Binaries

Abstract

Vulnerability detection, known as research to detect whether a target code contains vulnerabilities, is often conducted at source code level or binary code level. However, in some cases, the vulnerable code is usually at source-level as they are found by software developers, and target code is usually in binary-level as they are released to be executed in different operating systems, which pose new requirements for vulnerability detection. In this paper, we illustrate a new method named SourceSnippet2Binary, trying to use vulnerable source code snippets to search whether a binary code contains the vulnerability. By proposing such a method, we hope further studies to spend more effort in source2binary vulnerability detection and make vulnerability detection more comprehensive.