Abstract: This paper presents a buffer overflow detection model based on intermedia assembly which can be used to perform static analysis and detection on executable files. The algorithm is transparent to hardware platforms, the code is better readable, and buffer overflow is easy to detect. For the 2 string copying operations, i.e. insecure function invokes and copying memory loops, it researches buffer overflow caused by the later and present a flow sensitive and context-insensitive algorithm to detect it.

Key words: buffer overflow, intermedia assembly, insecure functions

摘要： 提出一种基于中间汇编的缓冲区溢出检测模型，用于对可执行代码进行静态分析和检测。采用中间汇编形式可以使算法对硬件平台透明，增强代码可阅读性，有利于对缓冲区溢出的检测。针对不安全函数调用和写内存循环2种字符串拷贝操作，研究写内存循环导致的溢出问题，提出一种流相关、上下文无关的检测算法。

关键词: 缓冲区溢出, 中间汇编, 不安全函数

CLC Number: 

• TP309.2