Static detection of real-world buffer overflow induced by loop
References
Akritidis, 2009, Baggy bounds checking: an efficient and backwards-compatible defense against out-of-bounds errors
Ashcraft, 2002, Using programmer-written compiler extensions to catch security holes
Avgerinos, 2014, Enhancing symbolic execution with veritesting
base64. Available from http://flex.phys.tohoku.ac.jp/japanese/kouhou04/konnen/php-4.3.5.
Bhatkar, 2003, Address obfuscation: an efficient approach to combat a broad range of memory error exploits
Checkmarx. Application Security Testing. https://www.checkmarx.com/.
Cifuentes, 2008, Parfait: designing a scalable bug checker
Cowan, 1998, StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
deftree. Available from http://ftp.mozilla.org/pub/security/nss/releases/NSS_3_2_1_RTM.
Ding, 2016, Accurate and efficient exploit capture and classification, Sci. China Inf. Sci., 60, 1
duktape. Available from https://github.com/civetweb/civetweb/tree/master/src/third_party/duktape-1.5.2.
Evans, 2002, Improving security using extensible lightweight static analysis, IEEE Softw., 19, 42, 10.1109/52.976940
Fang, 2014, Discovering buffer overflow vulnerabilities in the wild: an empirical study
crypt freesec. Available from https://github.com/facebook/hhvm.
Ganapathy, 2003, Buffer overrun detection using linear programming and static analysis
Gao, 2016, BovInspector: automatic inspection and repair of buffer overflow vulnerabilities
Gopan, 2015, Data-delineation in software binaries and its application to buffer-overrun discovery
Haller, 2013, Dowsing for overflows: a guided fuzzer to find buffer boundary violations
Haugh, 2003, Testing C programs for buffer overflow vulnerabilities
helper. Available from https://github.com/adamilab/eos.
Jones, 1997, Backwards-compatible bounds checking for arrays and pointers in C programs
JS_Util_String. Available from https://github.com/joseserverproject/JoseServer.
Khedker, U. P., 2014. Buffer Overflow Analysis for C. ArXiv e-prints.
Kim, 2004, AutoGraph: toward automated, distributed worm signature detection
Larochelle, 2001, Statically detecting likely buffer overflow vulnerabilities
Le, 2008, Marple: a demand-driven path-sensitive buffer overflow detector
lemon. Available from https://github.com/theory/flex-lemon-example.
Lhee, 2002, Type-assisted dynamic buffer overflow detection
Li, 2010, Practical and effective symbolic analysis for buffer overflow detection
linux_simu. Available from https://github.com/OpenJabNab/OpenJabNab/blob/master/bootcode/compiler/mtl_linux.
LottoPrj. Available from https://github.com/FoRTe21/LottoPrj.
lstrlib. Available from https://www.lua.org/source/5.1/lstrlib.c.html.
lua. Available from https://github.com/lua/lua.
mkkeywordhash. Available from https://git.ucd.ie/ol/gridsolve.
de Moura, 2008
Necula, 2002, CIL: intermediate language and tools for analysis and transformation of C programs
Necula, 2002, CCured: type-safe retrofitting of legacy code
Newsome, 2006, Vulnerability-specific execution filtering for exploit prevention on commodity software
NVD. National vulnerability database. https://nvd.nist.gov/.
Ottenstein, 1984, The program dependence graph in a software development environment, 19, 177
Perl, 2015, VCCFinder: finding potential vulnerabilities in open-source projects to assist code audits
Pratikakis, 2011, Locksmith: practical static race detection for C, ACM Trans. Program. Lang. Syst., 33, 1, 10.1145/1889997.1890000
preserve. Available from https://github.com/hyc/webalizer.
Rawat, 2012, Finding buffer overflow inducing loops in binary executables
sds. Available from https://github.com/antirez/redis.
Serebryany, 2012, AddressSanitizer: a fast address sanity checker
server. Available from https://github.com/ToTenMilan/cs50-psets.
Sidiroglou-Douskos, 2015, Targeted automatic integer overflow discovery using goal-directed conditional branch enforcement
slg_master. Available from https://github.com/fgaud/SLG.
Song, 2008, BitBlaze: a new approach to computer security via binary analysis
sqlite3. Available from https://www.sqlite.org.
sws. Available from https://github.com/wilbeibi/sws.
The PaX Team. Data execution prevention. https://pax.grsecurity.net/.
teamWebserver. Available from https://github.com/xiaominfc/teamtalk_websocket_server.
util. Available from https://github.com/mbmccormick/purdue.
Viega, 2000, ITS4: a static vulnerability scanner for C and C++ code
Wagner, 2000, A first step towards automated detection of buffer overrun vulnerabilities
Wang, 2017, Skyfire: Data-driven seed generation for fuzzing
Wang, T., Lin, Z., 2009. IntScope: Automatically Detecting Integer Overflow Vulnerability in x86 Binary Using Symbolic Execution.
Wang, 2010, TaintScope: a checksum-aware directed fuzzing tool for automatic software vulnerability detection
Wang, 2016, SeededFuzz: selecting and generating seeds for directed fuzzing
Wang, 2012, Improving integer security for systems with KINT
Weiser, 1979
Wikipedia. Wannacry Ransomware Attack. https://en.wikipedia.org/wiki/WannaCry_ransomware_attack.
Xie, 2003, Archer: using symbolic, path-sensitive analysis to detect memory access errors
Xu, 2008, Testing for buffer overflows with length abstraction
Yamaguchi, 2014, Modeling and discovering vulnerabilities with code property graphs
Yamaguchi, 2013, Chucky: exposing missing checks in source code for vulnerability discovery
Ye, 2016, An empirical study on detecting and fixing buffer overflow bugs
Zeng, 2015, HeapTherapy: an efficient end-to-end solution against heap buffer overflows
Zhang, 2013, Practical control flow integrity and randomization for binary executables