
Analyzing String Buffers in C

Conference paper in Algebraic Methodology and Software Technology (AMAST 2002)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2422)

Abstract

A buffer overrun occurs in a C program when input whose length exceeds that of the buffer is read into it. Overruns often lead to crashes and are a widespread form of security vulnerability. This paper describes an analysis for detecting overruns before deployment that is conservative in the sense that it locates every possible buffer overrun. The paper details the subtle relationship between overrun analysis and pointer analysis and explains how buffers can be modeled with a linear number of variables. As far as we know, the paper gives the first formal account of how this software and security problem can be tackled with abstract interpretation, setting it on a firm, mathematical basis.
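To make the abstract's two ideas concrete, the following is an added illustration (not the paper's analysis, nor code from its authors): each string buffer is modeled by a fixed allocation size plus an interval for its possible `strlen`, so a program with N buffers needs only a linear number of abstract variables, and each library call is evaluated on that model rather than on concrete memory. The check is conservative in the abstract's sense: a call is flagged whenever the upper bound of the length interval cannot be shown to fit, so `gets` is always flagged and some flagged sites may be false positives. The function names (`abs_strcpy`, `abs_fgets`, `run_fragment`, ...) and the analysed program fragment are all constructed for this example.

```c
/* Toy conservative overrun check over an abstract model of C string buffers.
 * Added example; the abstraction and the analysed fragment are constructed
 * here and are not the paper's own analysis. */
#include <limits.h>
#include <stdio.h>

#define LEN_INF INT_MAX   /* "unbounded": no known upper bound on strlen */

typedef struct {
    const char *name;
    int alloc;            /* bytes allocated, known statically (char buf[alloc]) */
    int lo, hi;           /* interval for strlen(buf); hi may be LEN_INF */
} AbsBuf;

/* Saturating addition so that unbounded lengths stay unbounded. */
static int sat_add(int a, int b) {
    if (a == LEN_INF || b == LEN_INF || a > LEN_INF - b) return LEN_INF;
    return a + b;
}

/* Can a string of length up to hi, plus its NUL, fail to fit in alloc bytes? */
static int may_overrun(int hi, int alloc) {
    return hi == LEN_INF || hi + 1 > alloc;   /* hi < INT_MAX here, so hi+1 is safe */
}

/* strcpy(dst, src): dst takes src's length interval; flagged if src may not fit. */
int abs_strcpy(AbsBuf *dst, const AbsBuf *src) {
    int flagged = may_overrun(src->hi, dst->alloc);
    dst->lo = src->lo; dst->hi = src->hi;   /* keep analysing past a flagged site */
    return flagged;
}

/* strcat(dst, src): the two length intervals add. */
int abs_strcat(AbsBuf *dst, const AbsBuf *src) {
    int lo = sat_add(dst->lo, src->lo), hi = sat_add(dst->hi, src->hi);
    int flagged = may_overrun(hi, dst->alloc);
    dst->lo = lo; dst->hi = hi;
    return flagged;
}

/* fgets(dst, n, f): writes at most n bytes, so strlen is in [0, n-1];
 * an overrun is possible exactly when n exceeds the allocation. */
int abs_fgets(AbsBuf *dst, int n) {
    int flagged = n > dst->alloc;
    dst->lo = 0; dst->hi = n - 1;
    return flagged;
}

/* gets(dst): input length has no bound, so every call is flagged. */
int abs_gets(AbsBuf *dst) {
    dst->lo = 0; dst->hi = LEN_INF;
    return 1;
}

/* Join at a control-flow merge: the interval hull of both branches. */
void abs_join(AbsBuf *out, const AbsBuf *a, const AbsBuf *b) {
    out->lo = a->lo < b->lo ? a->lo : b->lo;
    out->hi = a->hi > b->hi ? a->hi : b->hi;
}

/* Analyse a constructed fragment:
 *   char name[16], line[64], msg[32];
 *   fgets(name, 16, stdin);  fgets(line, 100, stdin);
 *   strcpy(msg, name);  strcat(msg, name);  strcat(msg, name);
 * Returns the number of call sites flagged as possible overruns. */
int run_fragment(void) {
    AbsBuf name = {"name", 16, 0, 0}, line = {"line", 64, 0, 0}, msg = {"msg", 32, 0, 0};
    int flagged = 0;
    flagged += abs_fgets(&name, 16);      /* fits: length in [0,15], 16 bytes */
    flagged += abs_fgets(&line, 100);     /* flagged: 100 > 64 */
    flagged += abs_strcpy(&msg, &name);   /* fits: 15 + NUL <= 32 */
    flagged += abs_strcat(&msg, &name);   /* fits: 30 + NUL <= 32 */
    flagged += abs_strcat(&msg, &name);   /* flagged: 45 + NUL > 32 */
    return flagged;                       /* 2 */
}

int main(void) {
    printf("flagged call sites in fragment: %d\n", run_fragment());
    return 0;
}
```

The interval model is the simplest numeric domain that gives the conservative property; relational domains such as the difference-bound matrices and polyhedra cited by the paper let an analysis relate the length of one buffer to another (for example after `n = strlen(src)`), which this toy cannot express and which is why it over-approximates more often.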



Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

Cite this paper

Simon, A., King, A. (2002). Analyzing String Buffers in C. In: Kirchner, H., Ringeissen, C. (eds) Algebraic Methodology and Software Technology. AMAST 2002. Lecture Notes in Computer Science, vol 2422. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45719-4_25

  • DOI: https://doi.org/10.1007/3-540-45719-4_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44144-1

  • Online ISBN: 978-3-540-45719-0