Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2016, Vol. 39 ›› Issue (s1): 50-54.doi: 10.13190/j.jbupt.2016.s.012

• Papers • Previous Articles     Next Articles

Buffer Overflow Detection in C Code Using Dynamic Symbolic Execution

ZHANG Jun-xian, LI Zhou-jun   

  1. School of Computer Science and Engineering, Beihang University, Beijing 100191, China
  • Received:2015-09-02 Online:2016-06-28 Published:2016-06-28

Abstract:

Buffer overflow is a source of many security problems in C programs. A new tool named PathChecker to detect buffer overflows in C codes using dynamic symbolic execution method is proposed. PathChecker uses quantifier-free predicate formulas to describe the safety properties of buffer access operations and check these properties using a SMT solver. Experimental results show the effectiveness of this tool which is very easy to extend to check other safety properties.

Key words: buffer overflow detection, dynamic symbolic execution, satisfiability modulo theories solver, low level virtual machine byte code instrumentation

CLC Number: