Abstract: This paper discusses the common model to analyze and detect computer operation system vulnerabilities. Based on the model, it proposes a new model and arithmetic, BOVADA, to analyze and detect the buffer overflow vulnerability. Utilizing the special test code, BOVADA can determine the overflow function, overflow point, jump address of the system to be tested. Compared with other model and arithmetic, BOVADA has some advantages, such as more plain structure, more integrate function, and more accurate parameter. Finally, BOVADA is proved to be true on WorkStation service vulnerability of Windows2000.

Key words: Overflow, BOVADA, WorkStation

摘要： 讨论了计算机系统漏洞分析与探测的一般模型，在此基础之上，提出了一种新的缓冲区溢出漏洞分析与探测模型及算法BOVADA。通过构造特殊的测试程序，BOVADA算法能够确定被测程序中造成溢出的函数、系统溢出点、系统跳转地址。与其它缓冲区溢出分析与探测模型及算法相比，BOVADA具有结构清晰、功能完整、参数精确的优点。并以Windows2000 WorkStation服务溢出漏洞为例，验证了BOVADA算法的可行性。

关键词: 溢出, BOVADA, WorkStation