Abstract
In many C programs, debugging requires significant effort and can consume a lot of time. Even if the bug’s cause is known, detecting a bug in such programs and generating a bug fix patch manually is a tedious task. In this paper, we present a novel approach used to generate bug fixes for buffer overflow automatically using static execution, code patch patterns, quick fix locations, user input saturation and Satisfiability Modulo Theories (SMT). The generated patches are syntactically correct, can be semi-automatically inserted into code and do not need additional human refinement. We evaluated our approach on 58 C open source programs contained in the Juliet test suite and measured an overhead of 0.59 % with respect to the bug detection time. We think that our approach is generalizable and can be applied with other bug checkers that we developed.
Keywords
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aho, A.V., et al.: A minimum-distance error-correcting parser for context-free languages. SIAM J. Comput. 1(4), 305–312 (1972)
Chen, L., et al.: R2Fix: automatically generating bug fixes from bug reports. In: Proceedings of the 2013 IEEE 6th ICST
Crispin, C., et al.: StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In: Proceedings of the 7th USENIX SSYM 1998
Crispin, C., et al.: Buffer overflows: attacks and defenses for the vulnerability of the decade*. In: DARPA Discex 2000
de Moura, L., Bjørner, N.S.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)
Deepak, G., et al.: TIED, LibsafePlus: tools for runtime buffer overflow protection. In: Proceedings of the 13th Conference on USENIX Security Symposium, SSYM 2004
DeMarco, F., et al.: Automatic repair of buggy if conditions and missing preconditions with SMT. In: Proceedings of the CSTVA 2014
Demsky, B., Rinard, M.: Automatic detection and repair of errors in data structures. In: Proceedings of the ACM SIGPLAN OOPSLA 2003
Emery, D.B.: HeapShield: library-based heap overflow protection for free. UMass CS TR 06-28 (2006)
Gu, Z., et al.: Has the bug really been fixed? In: Proceedings of the ICSE 2010
Haddad, H.M., Shahriar, H.: Rule-based source level patching of buffer overflow vulnerabilities. In: Proceedings of the 10th ITNG 2013
Harrold, M.J., et al.: Fault prediction, localization, and repair. Dagstuhl Seminar 13061, February 2013
Ibing, A.: SMT-constrained symbolic execution for eclipse CDT/Codan. In: Proceedings of the 3th WS-FMDS 2013
Ibing, A.: Path-sensitive race detection with partial order reduced symbolic execution. In: Canal, C., Idani, A. (eds.) SEFM 2014 Workshops. LNCS, vol. 8938, pp. 311–322. Springer, Heidelberg (2015)
Ibing, A., Mai, A.: A fixed-point algorithm for automated static detection of infinite loops. In: Proceedings of the 16th IEEE HASE 2015
Jacobs, M., Lewis, E.C.: SMART C: a semantic macro replacement translator for C. In: Proceedings of the Sixth IEEE SCAM 2006
Jin, H., et al.: SafeStack: automatically patching stack-based buffer overflow vulnerabilities. IEEE Trans. Dependable Secure Comput. 10(6), 368–379 (2013)
Kim, D., et al.: Automatic patch generation learned from human-written patches. In: Proceedings of the International Conference on Software Engineering, ICSE 2013
Le Goues, C., et al.: Genprog: a generic method for automatic software repair. IEEE Trans. Softw. Eng. 38(1), 54–72 (2012)
Lin, Z.: LibsafeXP: a practical and transparent tool for run-time buffer overflow preventions. In: Proceedings of the 7th Annual IEEE Information Assurance Workshop, IAW 2006
Lin, Z., et al.: AutoPaG: towards automated software patch generation with source code root cause identification and repair. In: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS 2007
Mitre: CWE-121. http://cwe.mitre.org/data/definitions/121.html
Mitre: 2011 CWE/SANS Top 25. http://cwe.mitre.org/top25/
Mitre: Heartbleed Bug. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
Monperrus, M.: A critical review of automatic patch generation learned from human-written patches: essay on the problem statement and the evaluation of automatic software repair. In: Proceedings of the 36th International Conference on Software Engineering, ICSE 2014
Muntean, P., et al.: Context-sensitive detection of information exposure bugs with symbolic execution. In: Innovative Software Development Methodologies and Practices, InnoSWDev 2014
NIST: Juliet Test Suite v1.2 for C/C++
Satish, C., et al.: SemFix: program repair via semantic analysis. In: Proceedings of the International Conference on Software Engineering, ICSE 2013, pp. 772–781
Sauciuc, R., Necula, G.: Reverse execution with constraint solving. Technical report No. UCB/EECS-2011-67, May 2011
Shaw, A., et al.: Automatically fixing C buffer overflows using program transformations. In: Proceedings of the IEEE/IFIP Conference on Dependable Systems and Networks, DSN 2013
Sidiroglou, S., Giovanidis, G., Keromytis, A.D.: A dynamic mechanism for recovering from buffer overflow attacks. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 1–15. Springer, Heidelberg (2005)
Smirnov, A., et al.: Automatic patch generation for buffer overflow attacks. In: Proceedings of the Third International Symposium on Information Assurance and Security, IAS 2007, pp. 165–170
Westley, W.: Patches as better bug reports. In: International Conference on Generative Programming and Component Engineering, GPCE 2006
Westley, W., et al.: Automatically finding patches using genetic programming\(^*\). In: International Conference on Software Engineering, ICSE 2009
Acknowledgments
This research is funded by the German Ministry for Education and Research (BMBF) under grant number 01IS13020.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Muntean, P., Kommanapalli, V., Ibing, A., Eckert, C. (2015). Automated Generation of Buffer Overflow Quick Fixes Using Symbolic Execution and SMT. In: Koornneef, F., van Gulijk, C. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2014. Lecture Notes in Computer Science(), vol 9337. Springer, Cham. https://doi.org/10.1007/978-3-319-24255-2_32
Download citation
DOI: https://doi.org/10.1007/978-3-319-24255-2_32
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24254-5
Online ISBN: 978-3-319-24255-2
eBook Packages: Computer ScienceComputer Science (R0)