Detecting Integer Bugs Based on Static and Dynamic Program Analysis
CHEN Ping¹, HAN Hao¹, SHEN Xiao-bing², YIN Xin-chun², MAO Bing¹, XIE Li¹
1. State Key Laboratory for Novel Software Technology, Department of Computer Science and Technology, Nanjing University, Nanjing, Jiangsu 210093, China; 2. College of Information Engineering, Yangzhou University, Yangzhou, Jiangsu 225009, China
In recent years, integer bugs have been rising sharply and have become a potential threat, as they are often hidden behind other bugs. In this paper, we propose a tool which can automatically detect integer bugs. We implement the tool based on static and dynamic program analysis. In the static phase, the tool decompiles a binary and creates the suspect instruction set. In the dynamic phase, it monitors the instructions in the suspect set and generates test cases to further detect which instructions are real integer bugs. Our tool has two advantages. First, it provides more accurate and sufficient type information. Second, static analysis reduces the number of instructions that are monitored at runtime. Experimental results show that our tool can efficiently detect the integer bugs in several real-world programs. In addition, our tool has no false negatives and low false positives.
CHEN Ping, HAN Hao, SHEN Xiao-bing, YIN Xin-chun, MAO Bing, XIE Li.
Detecting Integer Bugs Based on Static and Dynamic Program Analysis[J]. Acta Electronica Sinica, 2010, 38(8): 1741-1747.