摘要: 为准确快速地找到缓冲区溢出漏洞点,提出一种通过代码插装对二进制文件中的缓冲区溢出漏洞自动定位的方法。使用PIN提供的函数编写程序分析工具,在程序执行过程中记录所需的信息。当检测到内存访问错误异常时,判别破坏内存的情况,获取内存破坏点,查找到非法写内存的指令定位漏洞。实例分析表明,该方法不需要源程序且效率较高,能成功地定位常见的缓冲区溢出漏洞。
关键词:
漏洞定位,
代码插装,
返回地址,
函数指针,
异常,
缓冲区溢出
Abstract: In order to find buffer overflow vulnerability point accurately and rapidly, this paper proposes a method that can find buffer overflow vulnerabilities in binary file through code instrumentation. It uses plentiful functions PIN providing to make program analysis tool and saves information needed during program execution. When detecting memory access violation exception, it distinguishes what class of memory corruption and obtains memory corruption point and seeks illegal memory writing instruction to locate vulnerability. Example analysis shows that the method does not need source program, and has higher efficiency, it can locate popular buffer overflow vulnerabilities successfully.
Key words:
vulnerability location,
code instrumentation,
return address,
function pointer,
exception,
buffer overflow
中图分类号:
史胜利. 基于代码插装的缓冲区溢出漏洞定位技术[J]. 计算机工程, 2012, 38(9): 138-140.
SHI Qing-Li. Buffer Overflow Vulnerability Location Technology Based on Code Instrumentation[J]. Computer Engineering, 2012, 38(9): 138-140.