DSpace Repository

Detecting possible format string vulnerabilities in C programs

dc.contributor.author Huynh Buu Ky en_US
dc.date.accessioned 2015-01-12T10:39:59Z
dc.date.available 2015-01-12T10:39:59Z
dc.identifier.other AIT Thesis no.CS-03-17 en_US
dc.identifier.uri http://www.cs.ait.ac.th/xmlui/handle/123456789/281
dc.description Pathum Thani, Thailand : Asian Institute of Technology, 2003 en_US
dc.description 56 p. en_US
dc.description.abstract In June 2000, the first public release of a format string vulnerability against wu-ftp 2.6.0 obtained major attention. This vulnerability arises from the combination of unchecked variable argument (varargs) functions and standard C library implementations. Since then, various format string exploit techniques have been discovered and numerous incidents of format string attacks have been reported to date [1, 2, 6]. The exploitation of format string bugs represents a whole new serious class of vulnerabilities in C programs that can be used to gain the highest privileges on a local or remote host. The first part of this study explains the nature and analyses the tricks and limitations of format string exploits. A semantic model of a simplified version of the printf function is also established to give a formal explanation of how format string bugs occur and how they cause the change of program flows. Part two discusses currently well-known static and run-time defense strategies against this important class of vulnerabilities. Finally, we present our system, which combines both static analysis and run-time checks. The system employs a bottom-up qualified type inference engine to perform static analyses to check source code for safe printf-like function calls, and automatically inserts run-time checks where safety cannot be guaranteed statically. Our tests on several vulnerable source code show that our system exhibits a lower rate of false positives than the current top-down qualified type inference one. Moreover, a performance test shows that the system imposes lower performance overhead than the current run-time solution.
dc.relation.ispartof Thesis no. CS-03-17 en_US
dc.relation.ispartof Asian Institute of Technology. Thesis no. CS-03-17 en_US
dc.subject String models en_US
dc.subject Data detection en_US
dc.subject C (Computer program language) en_US
dc.subject Computer security en_US
dc.title Detecting possible format string vulnerabilities in C programs en_US
dc.type Thesis en_US