IntFinder: Automatically detecting Integer bugs in x86 binary program

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5927 LNCS, Issue , 2009, Pages 336-345

  Chen, Ping ^a   Han, Hao ^a   Wang, Yi ^a   Shen, Xiaobin ^b   Yin, Xinchun ^b   Mao, Bing ^a   Xie, Li ^a  

^a NANJING UNIVERSITY   (China)

^b YANGZHOU UNIVERSITY   (China)

Author keywords

[No Author keywords available]

Indexed keywords

BINARY PROGRAMS; ERROR PRONES; FALSE POSITIVE; INSTRUCTION SET; STATIC AND DYNAMIC ANALYSIS; TYPE INFORMATION;

BINARY CODES; DYNAMIC ANALYSIS; NETWORK SECURITY;

PROGRAM DEBUGGING;

EID: 76549130517     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-11145-7_26     Document Type: Conference Paper

References (25)

1. Integer overflow in parse-decode-path of slocate. CVE (2003), http://www.cve.mitre.org/cgi-bin/ cvename.cgi?name=CVE-2003-0326
2. Integer overflow in zgv-5.8. CVE (2004), http://www.cve.mitre.org/cgi- bin/ cvename.cgi?name=CVE-2004-1095
3. Integer underflow in ngircd before 0.8.2. CVE (2005), http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0199
4. Ssh crc-32 compensation attack detector vulnerability. CVE (2005), http://www.cve.mitre.org/cgi-bin/ cvename.cgi?name=CVE-2001-0144
5. Cve version: 20061101. CVE (2006), http://www.cve.mitre.org/cgi-bin/ cvekey.cgi?keyword=integer
6. Integer overflow in pdftops. CVE (2007), http://www.cve.mitre.org/cgi- bin/ cvename.cgi?name=CVE-2008-1384
7. Vulnerability type distributions in cev. CVE (2007), http://cve.mitre. org/docs/vuln-trends/vuln-trends.pdf
8. Signedness error in python-2.5.2. CVE (2008), http://www.cve.mitre.org/ cgi-bin/ cvename.cgi?name=CVE-2008-1721
9. Brumley, D., cker Chiueh, T., Johnson, R., Lin, H., Song, D.: Rich: Automatically protecting against integer-based vulnerabilities. In: Proceedings of the 14th Annual Network and Distributed System Security, NDSS (2007)
10. Chen, P.,Wang, Y., Xin, Z., Mao, B., Xie, L.: Brick: A binary tool for run-time detecting and locating integer-based vulnerability. In: International Conference on Availability, Reliability and Security, pp. 208-215 (2009)
11. Dipanwita, S., Muthu, J., Jay, T., Ramanathan, V.: Flow-insensitive static analysis for detecting integer anomalies in programs. In: Proceedings of the 25th conference on IASTED International Multi-Conference (SE 2007), pp. 334-340. ACTA Press, Anaheim (2007)
12. Emmerik, M.J.V.: Static Single Assignment for Decompilation. Ph.D. thesis (2007)
13. Evans, D., Guttag, J., Horning, J., Tan, Y.M.: Lclint:a tool for using specification to check code. In: Proceedings of the ACM SIGSOFT 1994 Symposium on the Foundations of Software Engineering, pp. 87-96 (1994)
14. Horovitz, O.: Big loop integer protection. Phrack Inc (2002), http://www.phrack.org/issues.html?issue=60&id=9#article
15. Howard, M.: Safe integer arithmetic in c (2006), http://blogs.msdn.com/ michaelhoward/ archive/2006/02/02/523392.aspx
16. Jim, T.,Morrisett, G., Grossman, D., Hicks, M., Cheney, J.,Wang, Y.: Cyclone: A safe dialect of c. In: Proceedings of the Annual Conference on USENIX Annual Technical Conference (2002)
17. LeBlanc, D.: Integer handling with the c++ safeint class (2004), http://msdn.microsoft.com/library/default.asp?url=/ library/en-us/dncode/html/ secure01142004.asp
18. Lin, Z., Zhang, X., Xu, D.: Convicting exploitable software vulnerabilities: An efficient input provenance based approach. In: Proceedings of the 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN-DCCS 2008 (2008)
19. Luk, C.K., Cohn, R., Muth, R., Patil, H., Klauser, A., Lowney, G., Wallace, S., Reddi, V.J., Hazelwood, K.: Pin: Building customized program analysis tools with dynamic instrumentation. In: Programming Language Design and Implementation, pp. 190-200 (2005)
20. Molnar, D., Li, X.C.,Wagner, D.: Dynamic test generation to find integer bugs in x86 binary linux programs. In: Proceedings of the USENIX 2009 Annual Technical Conference (2009)
21. Necula, G.C., McPeak, S., Weimer, W.: Ccured: Type-safe retrofitting of legacy code. In: Proceedings of the Principles of Programming Languages, pp. 128-139 (2002)
22. Seward, J., Nethercote, N.: Using valgrind to detect undefined value errors with bit-precision. In: Proceedings of the annual conference on USENIX Annual Technical Conference (2005)
23. Stalling, W.: Computer organization and architecture designing for performance. Prentice Hall, Inc., Englewood Cliffs (1996)
24. Wang, T., Wei, T., Lin, Z., Zou, W.: Intscope: Automatically detecting integer overflow vulnerability in x86 binary using symbolic execution. In: Proceedings of the 16th Annual Network and Distributed System Security Symposium, NDSS 2009 (2009)
25. Wojtczuk, R.: Uqbtng: a tool capable of automatically finding integer overflows in win32 binaries. In: 22nd Chaos Communication Congress (2005)