Research on use-after-free detection method based on the dangling pointer tracking

Cited by: 1

Authors: XU Min; HU Yong; LI Xin-Jian [2] (School of Cyber Science and Engineering, Sichuan University, Chengdu 610065, China; China Tobacco Hubei Industrial LLC, Wuhan 430040, China)

Affiliations: [1] School of Cyber Science and Engineering, Sichuan University, Chengdu 610065; [2] China Tobacco Hubei Industrial LLC, Wuhan 430040

Source: Journal of Sichuan University (Natural Science Edition), 2024, No. 4, pp. 172-181 (10 pages)

Funding: National Key Research and Development Program of China (2021YGB3101800).

Abstract: With the increasing attention paid to use-after-free (UAF) vulnerabilities, their exploitation methods have become more diverse and the threat they pose to computer systems more serious. This paper therefore proposes a lightweight UAF vulnerability detection scheme. The scheme collects all possible dangling pointers in the program under test on the basis of LLVM IR; after accurate data flow analysis and control flow analysis on them, pointers that are redefined can be excluded, yielding the set of actual dangling pointers. Finally, the operation sequence of the UAF vulnerability is obtained by performing reachability analysis and data flow analysis on the dangling pointers. The scheme also reduces system overhead in two ways: simplifying inter-procedural analysis to intra-procedural analysis, and combining an alias analysis algorithm with data flow analysis. Experimental results on open-source test cases and real programs show that the scheme can quickly and accurately identify UAF vulnerabilities in code and report the dangerous operation sequences.
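As an added illustration of the workflow the abstract outlines (not the paper's LLVM-based implementation), the following Python sketch walks a constructed mini-IR control flow graph: pointers freed at a free site become dangling candidates, a redefinition drops a pointer from the candidate set, aliases are followed by data flow, and a use reachable from the free is reported as a (free site, use site, pointer) operation sequence. The instruction forms, the `find_uaf` function and `SAMPLE_CFG` are all assumptions made for this example.

```python
# Mini-IR forms (constructed for this example, not LLVM IR):
#   ("alloc", p)    p points to a fresh object allocated at this site
#   ("copy", q, p)  q = p, so q aliases p's object
#   ("free", p)     release p's object; p and every alias now dangle
#   ("redef", p)    p reassigned (e.g. p = NULL); p no longer dangles
#   ("use", p)      load or store through p
# A CFG maps block label -> (instruction list, successor labels).

def find_uaf(cfg, entry="entry"):
    """Return sorted (free_site, use_site, pointer) triples found on any path."""
    reports, seen = set(), set()
    work = [(entry, {}, {})]             # (block, points-to map, freed objects)
    while work:
        blk, pts, freed = work.pop()
        key = (blk, tuple(sorted(pts.items())), tuple(sorted(freed.items())))
        if key in seen:                  # this state was already explored here
            continue
        seen.add(key)
        pts, freed = dict(pts), dict(freed)
        insns, succs = cfg[blk]
        for i, insn in enumerate(insns):
            op, p, site = insn[0], insn[1], f"{blk}:{i}"
            if op == "alloc":
                pts[p] = site            # object named by its allocation site
                freed.pop(site, None)    # a re-allocation is a live object again
            elif op == "copy":
                pts[p] = pts.get(insn[2])          # alias tracked by data flow
            elif op == "free":
                obj = pts.get(p)
                if obj is not None:
                    freed[obj] = site    # candidate dangling: p and its aliases
            elif op == "redef":
                pts[p] = None            # redefinition removes p from candidates
            elif op == "use":
                obj = pts.get(p)
                if obj is not None and obj in freed:
                    reports.add((freed[obj], site, p))   # UAF operation sequence
        for s in succs:                  # reachability: continue along the CFG
            work.append((s, pts, freed))
    return sorted(reports)

# Constructed sample: p is freed, then one branch reassigns p before using it
# (safe) while the other branch uses the alias q that still dangles (UAF).
SAMPLE_CFG = {
    "entry": ([("alloc", "p"), ("copy", "q", "p"), ("free", "p")], ["then", "else"]),
    "then":  ([("redef", "p"), ("use", "p")], ["join"]),
    "else":  ([("use", "q")], ["join"]),
    "join":  ([], []),
}
```

Calling `find_uaf(SAMPLE_CFG)` reports the single dangerous sequence through the `else` branch; the `then` branch is silent because the redefinition of `p` removed it from the candidate set.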

Keywords: dangling pointer; LLVM; UAF; vulnerability detection

CLC number: TP391.1 [Automation and Computer Technology: Computer Application Technology]
