BinPointer: towards precise, sound, and scalable binary-level pointer analysis

Kim, Sun Hyoung; Zeng, Dongrui; Tan, Gang

doi:10.1145/3497776.3517776

Cited by 4 publications

(1 citation statement)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Binary instrumentation-based approaches suffer from the lack of high-level semantic information, preventing them from providing strong spatial guarantees for the detection of certain OOB write types [33,31,37]. Similarly, binary-level pointer analysis [18] is often course-grained and cannot guarantee sufficient precision to track OOB writes that have marginal effects.…”

Section: Related Workmentioning

confidence: 99%

Divak: Non-invasive Characterization of Out-of-Bounds Write Vulnerabilities

Hafkemeyer,

Starink,

Continella

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Despite the high level of automation that fuzzing has brought into the vulnerability research process, the assessment of a discovered vulnerability's implications mostly requires human expertise and intuition. A promising approach to reduce such a manual effort is the automatic extraction of vulnerability characteristics that provide vital clues for exploitability. In this work, we focus on out-of-bounds write vulnerabilities and investigate how to automatically distill the set of source codelevel objects affected by such unintended writes. As this poses unique challenges with regard to the invasiveness of the analysis methods, we propose a novel approach that enables monitoring a compiled program for spatial memory safety violations without the need for heavy instrumentation. We implement Divak, a prototype of our design, and we evaluate it on both benchmarks and real-world vulnerabilities, showing that its detection and characterization capabilities outperform instrumentationbased tools in several scenarios, at the cost of an increased overhead.

show abstract

Section: Related Workmentioning

confidence: 99%