Sciweavers

Share
SIGSOFT
2004
ACM

Testing static analysis tools using exploitable buffer overflows from open source code

10 years 4 months ago
Testing static analysis tools using exploitable buffer overflows from open source code
Five modern static analysis tools (ARCHER, BOON, PolySpace C Verifier, Splint, and UNO) were evaluated using source code examples containing 14 exploitable buffer overflow vulnerabilities found in various versions of Sendmail, BIND, and WU-FTPD. Each code example included a "BAD" case with and a "PATCHED" case without buffer overflows. Buffer overflows varied and included stack, heap, bss and data buffers; access above and below buffer bounds; access using pointers, indices, and functions; and scope differences between buffer creation and use. Detection rates for the "BAD" examples were low except for Polyspace C Verifier and Splint which had average detection rates of 87% and 57% respectively. However, average false alarm rates were high and roughly 50% for these two tools. On safe patched programs these two tools produce one false alarm for every 12 to 46 lines of source code and neither tool can accurately distinguish between unsafe source code where b...
Misha Zitser, Richard Lippmann, Tim Leek
Added 20 Nov 2009
Updated 20 Nov 2009
Type Conference
Year 2004
Where SIGSOFT
Authors Misha Zitser, Richard Lippmann, Tim Leek
Comments (0)
books