An integer overflow detection method based on integer variable unification

被引:0
|
作者
Xu, Guo-Ai [1 ]
Zhang, Miao [1 ]
Chen, Ai-Guo [1 ]
Li, Zhong-Xian [2 ]
机构
[1] National Engineering Laboratory for Disaster Backup and Recovery, Beijing University of Posts and Telecommunications, Beijing 100876, China
[2] National Cybernet Security Limited, Tianjin 300052, China
来源
Beijing Youdian Daxue Xuebao/Journal of Beijing University of Posts and Telecommunications | 2008年 / 31卷 / 06期
关键词
Security of data;
D O I
暂无
中图分类号
学科分类号
摘要
Through analyzing the principium of integer overflow, an integer overflow detection method on software source code is proposed which is based on integer variable unification. We presented the integer variable unification method and defined three unified actions which were used in three given cases. Then the detection process was described, it simplified integer overflow flaw into mathematic inequalities, and removed the influence of context to the objective variable. Finally, instances were provided to demonstrate the effectiveness and practicability of the presented method.
引用
收藏
页码:90 / 93
相关论文
共 50 条
  • [21] Crosschecking Distributed Data to Detect Integer Overflow
    Saggioro, L. F. Z.
    Paisante, V. M.
    Rodrigues, R. E.
    Oliveira, L. B.
    Pereira, F. M. Q.
    IEEE LATIN AMERICA TRANSACTIONS, 2015, 13 (04) : 1083 - 1089
  • [22] Detecting Integer Overflow in Windows Binary Executables based on Symbolic Execution
    Zhang, Bin
    Feng, Chao
    Wu, Bo
    Tang, Chaojing
    2016 17TH IEEE/ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING (SNPD), 2016, : 385 - 390
  • [23] RICB: Integer Overflow Vulnerability Dynamic Analysis via Buffer Overflow
    Wang Yong
    Gu Dawu
    Xu Jianping
    Wen Mi
    Deng Liwen
    CHINA COMMUNICATIONS, 2010, 7 (06) : 10 - 16
  • [24] On a class of mixed-integer sets with a single integer variable
    Di Summa, Marco
    OPERATIONS RESEARCH LETTERS, 2010, 38 (06) : 556 - 558
  • [25] PROBLEM OF MAXIMUM WITH AN INTEGER VARIABLE
    GAY, A
    GIORNALE DEGLI ECONOMISTI E ANNALI DI ECONOMIA, 1977, 36 (1-2) : 101 - 108
  • [26] SMT-Constrained Symbolic Execution Engine for Integer Overflow Detection in C Code
    Muntean, Paul
    Rahman, Mustafizur
    Ibing, Andreas
    Eckert, Claudia
    2015 INFORMATION SECURITY FOR SOUTH AFRICA - PROCEEDINGS OF THE ISSA 2015 CONFERENCE, 2015,
  • [27] Diagnosis and Emergency Patch Generation for Integer Overflow Exploits
    Wang, Tielei
    Song, Chengyu
    Lee, Wenke
    DETECTION OF INTRUSIONS AND MALWARE, AND VULNERABILITY ASSESSMENT, DIMVA 2014, 2014, 8550 : 255 - 275
  • [28] N bit result integer multiplier with overflow detector
    Cha, YH
    Cho, GY
    Choi, HH
    Song, HB
    ELECTRONICS LETTERS, 2001, 37 (15) : 940 - 942
  • [29] Sound Input Filter Generation for Integer Overflow Errors
    Long, Fan
    Sidiroglou-Douskos, Stelios
    Kim, Deokhwan
    Rinard, Martin
    ACM SIGPLAN NOTICES, 2014, 49 (01) : 439 - 452
  • [30] Static Analysis of Integer Overflow of Smart Contracts in Ethereum
    Lai, Enmei
    Luo, Wenjun
    2020 4TH INTERNATIONAL CONFERENCE ON CRYPTOGRAPHY, SECURITY AND PRIVACY (ICCSP 2020), 2020, : 110 - 115
12345