Affiliation:
1. University of Illinois at Urbana-Champaign
2. University of Utah
Abstract
Integer overflow bugs in C and C++ programs are difficult to track down and may lead to fatal errors or exploitable vulnerabilities. Although a number of tools for finding these bugs exist, the situation is complicated because not all overflows are bugs. Better tools need to be constructed, but a thorough understanding of the issues behind these errors does not yet exist. We developed IOC, a dynamic checking tool for integer overflows, and used it to conduct the first detailed empirical study of the prevalence and patterns of occurrence of integer overflows in C and C++ code. Our results show that intentional uses of wraparound behaviors are more common than is widely believed; for example, there are over 200 distinct locations in the SPEC CINT2000 benchmarks where overflow occurs. Although many overflows are intentional, a large number of accidental overflows also occur. Orthogonal to programmers' intent, overflows are found in both well-defined and undefined flavors. Applications executing undefined operations can be, and have been, broken by improvements in compiler optimizations. Looking beyond SPEC, we found and reported undefined integer overflows in SQLite, PostgreSQL, SafeInt, GNU MPC and GMP, Firefox, LLVM, Python, BIND, and OpenSSL; many of these have since been fixed.
Funder
DARPA's Computer Science Study Group
Air Force Research Laboratory
Publisher
Association for Computing Machinery (ACM)
Reference22 articles.
1. CERT. 2006. IntegerLib a Secure Integer Library. (2006). http://www.cert.org/secure-coding/IntegerLib.zip. CERT. 2006. IntegerLib a Secure Integer Library. (2006). http://www.cert.org/secure-coding/IntegerLib.zip.
2. S. Christey and R. A. Martin. 2007. Vulnerability type distributions in CVE. Tech. report. MITRE Corporation. May. http://cwe.mitre.org/documents/vuln-trends.html. S. Christey and R. A. Martin. 2007. Vulnerability type distributions in CVE. Tech. report. MITRE Corporation. May. http://cwe.mitre.org/documents/vuln-trends.html.
3. S. Christey R. A. Martin M. Brown A. Paller and D. Kirby. 2011. 2011 CWE/SANS top 25 most dangerous software errors. Tech. report. MITRE Corporation. September. http://cwe.mitre.org.top25. S. Christey R. A. Martin M. Brown A. Paller and D. Kirby. 2011. 2011 CWE/SANS top 25 most dangerous software errors. Tech. report. MITRE Corporation. September. http://cwe.mitre.org.top25.
Cited by
44 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Inconsistencies in TeX-Produced Documents;Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis;2024-09-11
2. FRIES: Fuzzing Rust Library Interactions via Efficient Ecosystem-Guided Target Generation;Proceedings of the 33rd ACM SIGSOFT International Symposium on Software Testing and Analysis;2024-09-11
3. WASMDYPA: Effectively Detecting WebAssembly Bugs via Dynamic Program Analysis;2024 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER);2024-03-12
4. A Survey of Software Dynamic Analysis Methods;Programming and Computer Software;2024-02
5. Survey of Linux Based Free Software Tools for Remote Learning of Electrical and Computer Engineering in a Post COVID-19 Era;SSRN Electronic Journal;2023