检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:CUI Baojiang JI Yupeng WANG Jianxin
机构地区:[1]Beijing University of Posts and Telecommunications, Beijing 100876, China [2]Beijing Forestry University, Beijing 100083, China
出 处:《Chinese Journal of Electronics》2012年第1期22-26,共5页电子学报(英文版)
基 金:This work is supported by the National Natural Science Foundation of China (No.61070207, No.61170268).
摘 要:Fuzz testing has some obvious disadvan- tages: (1) It is ineffective with if-else statement; (2) it can hardly deal with the input with unknown fixed structure; (3) randomly generated input can hardly pass the verifica- tion of input integrity applied by the target systems. On the other hand, Symbolic execution can overcome some of the obstacles above. However, most of them didn't han- dle the function of verification about the input integrity of program. Due to the limitation of fuzz test and symbolic execution to the verification of input integrity, we propose a reversed taint tracing approach to overcome this prob- lem. The key idea is that it traverses the entire path of program by symbolic execution and generates results from the path-reversed files. We found 7 unhandled exceptions in 7-zip, and revised 16 malformed files with correct CRCs to pass the 7-zip test and decompression.
关 键 词:Data flowing CHECKSUM Symbolic exe- cution.
分 类 号:TP316.7[自动化与计算机技术—计算机软件与理论] U463.7[自动化与计算机技术—计算机科学与技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.249