Dynamic and static analyses of integer overflow vulnerabilities

Different software vulnerabilities have different characteristics. 220 integer overflow vulnerabilities are analyzed to develop three kinds of detection strategies to reduce the false positives from static analyses. Static analyses identify the type of integer overflow while dynamic analyses accurately identify the integer overflow vulnerability. This method combines the advantages of the two analyses to detect vulnerabilities. The static analysis is used to detect the integer overflow and obtain the integer overflow type and related information. This information is then used by the dynamic analysis to insert hooks into the code using the automatic pile technique. Then, the algorithm calls the integer overflow marker interface and performs symbolic execution with the reconstruction expressions. This method is used to analyze the Lighttpd-1.4.29 and Linux kernel 3.4 systems. This method can greatly reduce the number of false positives. The number of false positives for Lighttpd-1.4.29 is reduced by 374, accounting for 67.3% of the total. The number of false positives for Linux kernel 3.4 is reduced by 159 761, accounting for 98.2% of the total. This system also successfully finds the CVE-2011-4362 and CVE-2013-1763 integer overflow vulnerabilities. ©, 2014, Press of Tsinghua University. All right reserved.