Skip to main content
SpringerLink
Log in

Automatically Resolving Virtual Function Calls in Binary Executables

  • Conference paper
Recent Progress in Data Engineering and Internet Technology

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 157))

  • 1604 Accesses

Abstract

Call graph plays an important role in interprocedural program analysis methods. However, due to the common exist of function pointers and virtual functions in large programs, call graphs used in current program analysis systems are usually incomplete and imprecise, especially in analysis systems for binary executables. In this paper, we present a scalable and effective approach to automatically resolve virtual-function calls in executables. For the benchmark used in previous studies, our approach resolved almost 100% of reachable virtual function call-sites, whereas CodeSurfer/x86 resolved about 82%.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 259.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 329.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 329.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Codesurfer/x86, http://www.grammatech.com/research/products/CodeSurferx86.html

  2. Uqbt:a resourceable and retargetable binary translator, http://www.itee.uq.edu.au/~cristina/uqbt.html

  3. Balakrishnan, G., Reps, T.: Recency-abstraction for heap-allocated storage. In: Proc. Static Analysis Symposium, pp. 221–239 (2006)

    Google Scholar 

  4. Godefroid, P., Klarlund, N., Sen, K.: Dart: directed automated random testing. In: Proc. the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 213–223 (2005)

    Google Scholar 

  5. King, J.C.: Symbolic execution and program testing. Communications of the ACM 19(7) (1976)

    Google Scholar 

  6. Pande, H.D., Ryder, B.G.: Data-flow-based virtual function resolution. In: Proc. Static Analysis Symposium, pp. 238–254 (1996)

    Google Scholar 

  7. Wang, T., Wei, T., Lin, Z., Zou, W.: Intscope: Automatically detecting integer overflow vulnerability in x86 binary using symbolic execution. In: Proc. 16th Annual Network & Distributed System Security Symposium (2009)

    Google Scholar 

  8. Wei, T., Mao, J., Zou, W., Chen, Y.: A new algorithm for identifying loops in decompilation. In: Proc. Static Analysis Symposium, pp. 170–183 (2007)

    Google Scholar 

  9. Wei, T., Mao, J., Zou, W., Chen, Y.: Structuring 2-way branches in binary executables. In: Proc. 31st Annual International Computer Software and Applications Conference, pp. 115–118 (2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Peking University, Beijing, China

    Tao Wei, Tielei Wang, Xinjian Zhao & Wei Zou

  2. China Information Technology Security Evaluation Center, Beijing, China

    Runpu Wu & Weihong Zheng

Authors
  1. Tao Wei
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Runpu Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tielei Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xinjian Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Wei Zou
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Weihong Zheng
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tao Wei .

Editor information

Editors and Affiliations

  1. Bina Nusantara University, Jakarta, 11480, Indonesia

    Ford Lumban Gaol

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wei, T., Wu, R., Wang, T., Zhao, X., Zou, W., Zheng, W. (2012). Automatically Resolving Virtual Function Calls in Binary Executables. In: Gaol, F. (eds) Recent Progress in Data Engineering and Internet Technology. Lecture Notes in Electrical Engineering, vol 157. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28798-5_19

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-28798-5_19

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28797-8

  • Online ISBN: 978-3-642-28798-5

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation