Precise Buffer Overflow Detection via Model Checking
Sagar
Chaki, Scott Hissam,
Whitepaper, 2005
Abstract:
Buffer overflows are the source of a vast majority of vulnerabilities
in today's software. Existing solution for detecting buffer overflow,
either statically or dynamically, have serious drawbacks that hinder
their wider adoption by practitioners. In this paper we present an
automated overflow detection technique based on model checking and
iterative refinement. We discuss advantages, and limitations, of our
approach with respect to today'ss existing solutions. We also describe
how our approach may be implemented on top of a model checking
technology being developed at the Software Engineering Institute
(SEI).
PDF
© Carnegie Mellon University