Range Analysis of Binaries with Minimal Effort

  • Edd Barrett
  • Andy King
Conference paper

DOI: 10.1007/978-3-642-32469-7_7

Volume 7437 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Barrett E., King A. (2012) Range Analysis of Binaries with Minimal Effort. In: Stoelinga M., Pinger R. (eds) Formal Methods for Industrial Critical Systems. FMICS 2012. Lecture Notes in Computer Science, vol 7437. Springer, Berlin, Heidelberg

Abstract

COTS components are ubiquitous in military, industrial and governmental systems. However, the benefits of reduced development and maintainance costs are compromised by security concerns. Since source code is unavailable, security audits necessarily occur at the binary level. Push-button formal method techniques, such as model checking and abstract interpretation, can support this process by, among other things, inferring ranges of values for registers. Ranges aid the security engineer in checking for vulnerabilities that relate, for example, to integer wrapping, uninitialised variables and buffer overflows. Yet the lack of structure in binaries limits the effectiveness of classical range analyses based on widening. This paper thus contributes a simple but novel range analysis, formulated in terms of linear programming, which calculates ranges without manual intervention.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Edd Barrett
    • 1
  • Andy King
    • 1
  1. 1.School of ComputingUniversity of KentUK