Testing for buffer overflows with length abstraction

ISSTA'08: Proceedings of the 2008 International Symposium on Software Testing and Analysis 2008

Volumn , Issue , 2008, Pages 27-37

  Xu, Ru Gang ^a   Godefroid, Patrice ^b   Majumdar, Rupak ^a  

^a University of California   (United States)

^b MICROSOFT RESEARCH   (United States)

Author keywords

Buffer overflows; Directed testing; Length abstraction; Testing C programs; Underapproximation

Indexed keywords

ABSTRACTING; C (PROGRAMMING LANGUAGE); COMPUTER SOFTWARE SELECTION AND EVALUATION; DATA STORAGE EQUIPMENT; PROBABILITY DENSITY FUNCTION; SAFETY TESTING; SOFTWARE TESTING; TERMINOLOGY;

BUFFER CONTENTS; BUFFER LENGTHS; BUFFER OVERFLOWS; C PROGRAMS; DIRECTED RANDOM TESTING; DIRECTED TESTING; INPUT BUFFERS; LENGTH ABSTRACTION; LIBRARY FUNCTIONS; MANIPULATION FUNCTIONS; MEMORY ERRORS; MEMORY SAFETIES; ORDERS OF MAGNITUDES; RANDOM INPUTS; STORAGE SYSTEMS; SYMBOLIC EXECUTIONS; UNDERAPPROXIMATION;

BUFFER STORAGE;

EID: 57449085928     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1390630.1390636     Document Type: Conference Paper

References (24)

1. C. Cadar, V. Ganesh, P. Pawlowski, D. Dill, and D. Engler. Exe: automatically generating inputs of death. In CCS, 2006.
2. N. Dor, M. Rodeh, and S. Sagiv. CSSV: towards a realistic tool for statically detecting all buffer overflows in C. In PLDI, 2003.
3. J. C. Foster, V. Osipov, and N. Bhalla. Buffer Overflow Attacks. Syngress, 2005.
4. V. Ganesh and D. L. Dill. A decision procedure for bit-vectors and arrays. In CAV, 2007.
5. P. Godefroid. Compositional dynamic test generation. In POPL, 2007.
6. P. Godefroid, N. Klarlund, and K. Sen. Dart: directed automated random testing. In PLDI, 2005.
7. P. Godefroid, M. Y. Levin, and D. Molnar. Active property checking. Technical report, Microsoft, 2007.
8. P. Godefroid, M.Y. Levin, and D. Molnar. Automated whitebox fuzz testing. In NDSS, 2008.
9. A. Groce, G. J. Holzmann, and R. Joshi. Randomized differential testing as a prelude to formal verification. In ICSE, 2007.
10. R. Jones and P. Kelly. Backwards-compatible bounds checking for arrays and pointers in C programs. In Third International Workshop on Automated Debugging, 1997.
11. P. Joshi, K. Sen, and M. Shlimovich. Predictive testing: amplifying the effectiveness of software testing. In FSE, 2007.
12. D. Knuth. The Art of Computer Programming, Volume 3: Sorting and Searching. Addison-Wesley, 1997.
13. E. Larson and T. Austin. High coverage detection of input-related security faults. In USENIX, 2003.
14. R. Majumdar and R. Xu. Directed test generation with symbolic grammars. In ASE, 2007.
15. N. Nethercote and J. Seward. Valgrind: a framework for heavyweight dynamic binary instrumentation. In PLDI, 2007.
16. O. Ruwase and M. Lam. A practical dynamic buffer overflow detector. In NDSS, 2004.
17. K. Sen, D. Marinov, and G. Agha. CUTE: a concolic unit testing engine for C. In FSE, 2005.
18. J. Seward and N. Nethercote. Using Valgrind to detect undefined value errors with bit-precision. In USENIX, 2005.
19. D. Sleator and R. Tarjan. Self-adjusting binary search trees. J. ACM, 32(3):652-686, 1985.
20. W. Visser, C. S. Pasareanu, and R. Pelánek. Test input generation for Java containers using state matching. In ISSTA, 2006.
21. D. Wagner, J. S. Foster, E. A. Brewer, and A. Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In NDSS, 2000.
22. Y. Xie, A. Chou, and D. Engler. Archer: using symbolic, path-sensitive analysis to detect memory access errors. In FSE, 2003.
23. M. Zhivich, T. Leek, and R. Lippmann. Dynamic buffer overflow detection. In BUGS, 2005.
24. M. Zitser, R. Lippmann, and T. Leek. Testing static analysis tools using exploitable buffer overflows from open source code. In FSE, 2004.