Verification of C Buffer Overflows in C Programs

Abstract

Buffer overflow attacks are a persisting security threat in C programs. The C Standard library provides functions for string handling that lack any bound checks. This paper presents astatic approach for buffer overflow detection by identifying the likely vulnerabilities through an analysis of the source code. We defined a set of predicates, based on the function’s specifications, that determine whether the operation is safe or not. This paper describes an implementation of the approach as an extension of HIP/SLEEK, an automated verification system basedon the separation logic. The static buffer overflow detector proved to have good results even in tricky cases, such as pointer aliasing and overlapping memory.