Drop Down MenusCSS Drop Down MenuPure CSS Dropdown Menu

mercredi 27 mai 2015

Automatic Discovery and Patching of Buffer and Integer Overflow Errors

Automatic Discovery and Patching of Buffer and Integer Overflow Errors Sidiroglou-Douskos, Stelios; Lahtinen, Eric; Rinard, Martin We present Targeted Automatic Patching (TAP), an automatic buffer and integer overflow discovery and patching system. Starting with an application and a seed input that the application processes correctly, TAP dynamically analyzes the execution of the application to locate target memory allocation sites and statements that access dynamically or statically allocated blocks of memory. It then uses targeted error-discovery techniques to automatically generate inputs that trigger integer and/or buffer overflows at the target sites. When it discovers a buffer or integer overflow error, TAP automatically matches and applies patch templates to generate patches that eliminate the error. Our experimental results show that TAP successfully discovers and patches two buffer and six integer overflow errors in six real-world applications.

from Computer Science and Artificial Intelligence Lab (CSAIL) http://ift.tt/1GE0T82

0 commentaires:

Enregistrer un commentaire

 

Blogger news

Blogroll

Fourni par Blogger.