基于行为监测的嵌入式操作系统堆栈溢出测试  被引量：1

作　　者：杨兴达 陈灿 方菱 YANG Xing-da;CHEN Can;FANG Ling(Institutes of Physical Science and Information Technology,Anhui University,Hefei 230000;Hefei Institutes of Physical Science,Chinese Academy of Sciences,Hefei 230000,China)

机构地区：[1]安徽大学物质科学与信息技术研究院,安徽合肥230000 [2]中国科学院合肥物质科学研究院,安徽合肥230000

出　　处：《计算机工程与科学》2022年第11期1918-1923,共6页Computer Engineering & Science

基　　金：安徽省重点研究与开发计划(202004a05020041)。

摘　　要：堆栈测试是嵌入式操作系统安全评估的重要环节,堆栈溢出会覆盖邻近堆栈中的数据,造成数据错乱进而引发系统崩溃。然而捕获并定位堆栈溢出具有一定难度。首先,溢出数据可能会侵占操作系统中其它任务的私有堆栈,而发生溢出的任务本身没有异常表现,以致难以确定堆栈溢出的根源;其次,由于操作系统任务的优先级差异,堆栈溢出的暴露时间可能滞后于其发生时间。提出了一种基于实时堆栈分配与回收行为监测的动态堆栈测试方法,首先在堆栈行为测试点插入桩函数,以采集任务堆栈的测试码;然后设置上位机测试程序,以分析测试码并提供测试结果,实现实时捕获并定位堆栈溢出。利用此方法,在基于车载远程信息处理终端的实际测试中,定位到了3处造成系统崩溃或复位的堆栈溢出异常,评估了操作系统堆栈的安全性。另外,根据测试结果,优化了堆栈大小的静态分配,在单个任务中最多节省了42%的堆栈空间,并将整个任务RAM压缩至原来的63%。Stack test is an important part of security evaluation of embedded operating systems.Stack overflow will overwrite the data in the adjacent stack,resulting in data confusion and system crash.However,catching and locating stack overflows can be difficult.Firstly,the overflow data may invade the private stack of other tasks in the operating system,and the overflowing task itself has no abnormal behavior,so that it is difficult to determine the root cause of the stack overflow.Secondly,stack overflows may be exposed later than their occurrence due to the priority differences of the operating system tasks.In this research,a dynamic stack test method based on real-time stack allocation and recovery behavior monitoring is proposed.Firstly,instrumentation is inserted at the stack behavior test point to collect the test code of the test stack.Then,the Upper Test(UT)is set to analyze the test code and provide the test result,which can realize the real-time capture and locate the stack overflow.In the actual test based on telematics terminal,this method is used to locate three stack overflow that caused the system to crash or reset,and the safety of the operating system stack is eval-uated.In addition,according to the test results,the static allocation of the stack size is optimized,which saves up to 42%of the stack space in a single task and compresses the entire RAM of tasks to 63%of the original.

关 键 词：操作系统 程序插桩 堆栈测试 动态测试 

分 类 号：TP306[自动化与计算机技术—计算机系统结构]