
Constraint-Based Testing for Buffer Overflows

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 11094)

Abstract

This article proposes two heuristic approaches aimed at the optimized generation of test cases capable of triggering buffer overflows or buffer underflows. Both testing techniques are based on guiding conditions derived statically by Integer Constraint Analysis. First experimental evaluations confirmed the superiority of local optimization algorithms over global ones.
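To make the idea concrete, the following added example (not code from the paper or its authors) turns a bounds constraint on a hypothetical index expression into a distance-valued guiding condition and lets a local hill-climbing search drive two integer inputs until the constraint is violated; the index expression, buffer size and starting point are all constructed assumptions.

```python
"""Constraint-guided local search for an out-of-bounds buffer index (constructed illustration)."""

BUF_SIZE = 64  # assumed declaration: char buf[64]


def index_expr(a, b):
    # Hypothetical index computation over two int inputs; it stands in for
    # the integer arithmetic that an integer constraint analysis would model.
    return (3 * a - b) // 2 + 7


def guiding_distance(a, b):
    """Fitness derived from the safety constraint 0 <= index < BUF_SIZE.

    Returns 0 when buf[index] would lie outside the buffer (overflow or
    underflow); otherwise the number of index steps to the nearest bound,
    which gives the search a gradient a crash-only oracle cannot provide.
    """
    idx = index_expr(a, b)
    if idx < 0 or idx >= BUF_SIZE:
        return 0
    return min(idx + 1, BUF_SIZE - idx)


def hill_climb(start, max_evals=10_000):
    """Local search: move to the best of four neighbours while the guiding
    distance decreases; widen the step on a plateau.

    Returns ((a, b), evaluations), or (None, evaluations) if the budget runs out.
    """
    cur, dist, evals, step = start, guiding_distance(*start), 1, 1
    while dist > 0 and evals < max_evals:
        best, best_dist = None, dist
        for da, db in ((step, 0), (-step, 0), (0, step), (0, -step)):
            cand = (cur[0] + da, cur[1] + db)
            d = guiding_distance(*cand)
            evals += 1
            if d < best_dist:
                best, best_dist = cand, d
        if best is None:
            step *= 2  # plateau: enlarge the neighbourhood
        else:
            cur, dist, step = best, best_dist, 1
    return (cur if dist == 0 else None), evals


def is_out_of_bounds(a, b):
    """Independent check that a generated test case really leaves the buffer."""
    return not (0 <= index_expr(a, b) < BUF_SIZE)


if __name__ == "__main__":
    found, n = hill_climb((20, 20))
    print(f"test case {found} after {n} evaluations, index = {index_expr(*found)}")
```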



Acknowledgement

The authors gratefully acknowledge that a major part of the work presented was supported by the German Federal Ministry for Economic Affairs and Energy (BMWi), project no. 1501502C (SMARTEST). They also thank Marc Spisländer for his support in providing the code examples considered in this article.

Author information

Correspondence to Loui Al Sardy or Francesca Saglietti.


Appendix

Fig. 3. Code of Example 1


Copyright information

© 2018 Springer Nature Switzerland AG

About this paper


Cite this paper

Al Sardy, L., Saglietti, F., Tang, T., Sonnenberg, H. (2018). Constraint-Based Testing for Buffer Overflows. In: Gallina, B., Skavhaug, A., Schoitsch, E., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2018. Lecture Notes in Computer Science, vol. 11094. Springer, Cham. https://doi.org/10.1007/978-3-319-99229-7_10


  • DOI: https://doi.org/10.1007/978-3-319-99229-7_10


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-99228-0

  • Online ISBN: 978-3-319-99229-7

  • eBook Packages: Computer Science (R0)
