Detecting possible buffer overflow attacks in C program

Abstract

Buffer overflows are unintentional accesses to memory outside the intended object. In recent years, buffer overflow attacks ha ve become the most prevalent techniques used to hack both remote and local comput er systems. All the reason for such a profound spread of this kind of attack is that many software and operating systems are written in C language. C is inherently unsafe because array and pointer references are not automatically bounds-c hecked. Therefore, it is up to the programmers to do it themselves. Noneth eless, these security holes are often wrongly omitted or checked. In addition to its prevalence, this attack can cause the most serious problem to compromised sy stems. One solution to buffer overflow attacks is to statically detect possible vul nerabilities in C source codes before they are deployed. Much research has been done to solve this problem, however, in a subset of C features, which involves poi nter, array of char, one-dimension array, pointer arithmetic statements, a nd standard C string functions. This thesis will examine the principles of unix/linux buffer overflow vulnerabilities. Then, it will survey the existing static methods of detecting buffer overflows, and propose a better method that accumulates a larger domain of problems involving arrays of pointers. Finally, a prototype is implemented based on the proposed method.