Integer overflow vulnerabilities will cause buffer overflows. Research on the relationship between the two helps us detect integer overflow vulnerabilities. We present a dynamic analysis method, RICB (Run-time Integer Checking via Buffer overflow). Our approach consists of decompiling the executable file to assembly language; debugging the executable with step-into and step-out; locating the overflow points; and checking for buffer overflows caused by integer overflow. We have implemented our approach for three buffer overflow types: format string overflow, stack overflow and heap overflow. Experimental results show that our approach is effective and efficient. We have detected more than 5 known integer overflow vulnerabilities via buffer overflow.
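To make the link between the two bug classes concrete, the following added example (not taken from the paper, and not RICB's implementation) shows a 32-bit size computation that wraps, a run-time check at the copy site that flags the resulting undersized buffer, and a hardened allocation path. It covers only the heap case; all function names are hypothetical and the inputs are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Unchecked size computation: the 32-bit product wraps modulo 2^32. */
static uint32_t alloc_size_unchecked(uint32_t count, uint32_t elem_size)
{
    return count * elem_size;
}

/* Checked size computation: returns 0 on success, -1 if the product wraps. */
static int alloc_size_checked(uint32_t count, uint32_t elem_size, uint32_t *out)
{
    if (elem_size != 0 && count > UINT32_MAX / elem_size)
        return -1;
    *out = count * elem_size;
    return 0;
}

/* Run-time check at the copy site: recompute the needed size in 64 bits and
 * compare it with the bytes actually allocated. Returns 1 if the copy would
 * write past the buffer. */
static int copy_would_overflow(uint32_t alloc_bytes, uint32_t count, uint32_t elem_size)
{
    uint64_t needed = (uint64_t)count * elem_size;
    return needed > alloc_bytes;
}

/* Hardened copy: refuses the request instead of allocating a wrapped size. */
static void *copy_records(const void *src, uint32_t count, uint32_t elem_size)
{
    uint32_t bytes;
    if (alloc_size_checked(count, elem_size, &bytes) != 0)
        return NULL;
    void *dst = malloc(bytes ? bytes : 1);
    if (dst != NULL)
        memcpy(dst, src, bytes);
    return dst;
}

int main(void)
{
    uint32_t count = 0x40000001u, elem = 4;   /* constructed input */
    uint32_t wrapped = alloc_size_unchecked(count, elem);
    printf("wrapped allocation size: %u bytes\n", (unsigned)wrapped);
    printf("copy would overflow: %d\n", copy_would_overflow(wrapped, count, elem));
    printf("hardened path rejects: %d\n", copy_records("x", count, elem) == NULL);
    return 0;
}
```
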