Abstract
Static analysis of binary code is challenging for several reasons. In particular, standard static analysis techniques operate over control flow graphs, which are not available when dealing with self-modifying programs which can modify their own code at runtime. We formalize in the Coq proof assistant some key abstract interpretation techniques that automatically extract memory safety properties from binary code. Our analyzer is formally proved correct and has been run on several self-modifying challenges, provided by Caiet al.in their PLDI 2007 paper.
This work was supported by Agence Nationale de la Recherche, grant number ANR-11-INSE-003 Verasco.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Balakrishnan, G., Reps, T.W.: WYSINWYX: What you see is not what you eXecute. ACM Trans. Program. Lang. Syst. 32(6) (2010)
Bardin, S., Herrmann, P., Védrine, F.: Refinement-Based CFG Reconstruction from Unstructured Programs. In: Jhala, R., Schmidt, D. (eds.) VMCAI 2011. LNCS, vol. 6538, pp. 54–69. Springer, Heidelberg (2011)
Blazy, S., Laporte, V., Maroneze, A., Pichardie, D.: Formal Verification of a C Value Analysis Based on Abstract Interpretation. In: Logozzo, F., Fähndrich, M. (eds.) SAS 2013. LNCS, vol. 7935, pp. 324–344. Springer, Heidelberg (2013)
Bonfante, G., Marion, J.Y., Reynaud-Plantey, D.: A Computability Perspective on Self-Modifying Programs. In: SEFM, pp. 231–239 (2009)
Cachera, D., Pichardie, D.: A Certified Denotational Abstract Interpreter. In: Kaufmann, M., Paulson, L.C. (eds.) ITP 2010. LNCS, vol. 6172, pp. 9–24. Springer, Heidelberg (2010)
Cai, H., Shao, Z., Vaynberg, A.: Certified Self-Modifying Code. In: PLDI, pp. 66–77. ACM (2007)
Chlipala, A.: Mostly-automated verification of low-level programs in computational separation logic. In: PLDI. ACM (2011)
Companion website, http://www.irisa.fr/celtique/ext/smc
Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: POPL, pp. 238–252. ACM (1977)
Jensen, J., Benton, N., Kennedy, A.: High-Level Separation Logic for Low-Level Code. In: POPL. ACM (2013)
Kennedy, A., et al.: Coq: The world’s best macro assembler? In: PPDP, pp. 13–24. ACM (2013)
Kinder, J.: Towards static analysis of virtualization-obfuscated binaries. In: WCRE, pp. 61–70 (2012)
Klein, G., Nipkow, T.: A Machine-Checked Model for a Java-Like Language, Virtual Machine and Compiler. ACM TOPLAS 28(4), 619–695 (2006)
Morrisett, G., et al.: RockSalt: better, faster, stronger SFI for the x86. In: PLDI, pp. 395–404 (2012)
Myreen, M.O.: Verified just-in-time compiler on x86. In: POPL, pp. 107–118. ACM (2010)
Nipkow, T.: Abstract Interpretation of Annotated Commands. In: Beringer, L., Felty, A. (eds.) ITP 2012. LNCS, vol. 7406, pp. 116–132. Springer, Heidelberg (2012)
Robert, V., Leroy, X.: A Formally-Verified Alias Analysis. In: Hawblitzel, C., Miller, D. (eds.) CPP 2012. LNCS, vol. 7679, pp. 11–26. Springer, Heidelberg (2012)
Stewart, G., Beringer, L., Appel, A.W.: Verified heap theorem prover by paramodulation. In: ICFP, pp. 3–14. ACM (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Blazy, S., Laporte, V., Pichardie, D. (2014). Verified Abstract Interpretation Techniques for Disassembling Low-level Self-modifying Code. In: Klein, G., Gamboa, R. (eds) Interactive Theorem Proving. ITP 2014. Lecture Notes in Computer Science, vol 8558. Springer, Cham. https://doi.org/10.1007/978-3-319-08970-6_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-08970-6_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-08969-0
Online ISBN: 978-3-319-08970-6
eBook Packages: Computer ScienceComputer Science (R0)