Automatic Detection and Repair Recommendation for Missing Checks |
| |
| Authors: | Ling-Yun Situ Student Member CCF Lin-Zhang Wang Distinguished Member CCF Yang Liu Member ACM IEEE Bing Mao Xuan-Dong Li Fellow CCF |
| |
| Affiliation: | 1.State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210023, China;2.Department of Computer Science and Technology, Nanjing University, Nanjing 210023, China;3.School of Computer Science and Engineering, Nanyang Technological University, Singapore 639798, Singapore |
| |
| Abstract: | Missing checks for untrusted inputs used in security-sensitive operations is one of the major causes of various vulnerabilities. Efficiently detecting and repairing missing checks are essential for prognosticating potential vulnerabilities and improving code reliability. We propose a systematic static analysis approach to detect missing checks for manipulable data used in security-sensitive operations of C/C++ programs and recommend repair references. First, customized securitysensitive operations are located by lightweight static analysis. Then, the assailability of sensitive data used in securitysensitive operations is determined via taint analysis. And, the existence and the risk degree of missing checks are assessed. Finally, the repair references for high-risk missing checks are recommended. We implemented the approach into an automated and cross-platform tool named Vanguard based on Clang/LLVM 3.6.0. Large-scale experimental evaluation on open-source projects has shown its effectiveness and efficiency. Furthermore, Vanguard has helped us uncover five known vulnerabilities and 12 new bugs. |
| |
| Keywords: | static analysis missing check vulnerability detection repair recommendation |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机科学技术学报》浏览原始摘要信息 |
|
点击此处可从《计算机科学技术学报》下载免费的PDF全文 |
|
