| 缓冲区溢出的建模分析 |
| |
| 引用本文: | 刘应华,姜建国.缓冲区溢出的建模分析[J].计算机工程与应用,2005,41(3):88-90. |
| |
| 作者姓名: | 刘应华 姜建国 |
| |
| 作者单位: | 西安电子科技大学计算机学院,西安,710071;西安电子科技大学计算机学院,西安,710071 |
| |
| 摘 要: | 论文介绍了一种检测缓冲区溢出漏洞的建模方法。该方法的关键是对C语言的源代码做静态分析,把缓冲区溢出这个事件作为一个整数区域问题来看待,从而建立缓冲区溢出的数学模型。该模型的一个优点是在代码编译以前可以通过静态分析的方法来发现潜在的缓冲区溢出漏洞。
|
| 关 键 词: | 缓冲区溢出 检测 建模 |
| 文章编号: | 1002-8331-(2005)03-0088-03 |
A Modeling Analysis towards Buffer Overrun Vulnerabilities |
| |
| Liu Yinghua,Jiang Jianguo.A Modeling Analysis towards Buffer Overrun Vulnerabilities[J].Computer Engineering and Applications,2005,41(3):88-90. |
| |
| Authors: | Liu Yinghua Jiang Jianguo |
| |
| Abstract: | A new method for finding potential buffer overrun vulnerabilities in security-critical C code is described.The key of this method is to use static analysis,and through formulating detection of buffer overruns as an integer range analysis problem to model the potential buffer overrun vulnerabilities.One major advantage of this method is that security bugs can be eliminated before C code is complied. |
| |
| Keywords: | buffer overrun detection model |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
