Region analysis for deductive verification of C programs

Mandrykin, Mikhail; Хорошилов, А. В.

doi:10.1134/s0361768816050042

Cited by 3 publications

(4 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The current PeCoffLoaderImageAddress function returns a pointer to a requested offset within the image buffer. However, it does not return the remaining number of bytes to the end of the buffer 19 -all callers to this function that access more than one byte from this pointer without additional caution may perform out-of-bounds accesses (OOB). While there is a practice of calling the function twice, where the second call is passed the range's end offset 20 , this is very much unintuitive and error-prone.…”

Section: B Functional Defects 1) Out-of-bounds Accessesmentioning

confidence: 99%

“…In this sense AstraVer Toolset is a further development of the Jessie plugin [18] for Frama-C tested on existing system software such as the Linux kernel. It implements a new memory model [19] that allows to support the container of construct, pointer type reinterpretation between integer types, including types of different size, bitwise arithmetic operations on expression-level, and has several other features [12].…”

Section: Astraver Toolsetmentioning

confidence: 99%

“…They are exclusive to the code and are not discussed in this document 19. EDK II[6] BasePeCoffLib/BasePeCoff.c:843-84820 EDK II[6] BasePeCoffLib/BasePeCoff.c:1743-1746 21 EDK II [6] BasePeCoffLib/BasePeCoff.c:1538-1542 22 EDK II [6] BasePeCoffLib/BasePeCoff.c:1583 EDK II [6] BasePeCoffLib/BasePeCoff.c:1600 23 EDK II [6] BasePeCoffLib/BasePeCoff.c:139 24 EDK II [6] BasePeCoffLib/BasePeCoff.c:162-174 25 EDK II [6] BasePeCoffLib/BasePeCoff.c:701 (for 32-bit U IN T N ) 26 Supported as per UEFI specification [1], 2.3.5 AArch32 Platforms 27 ARMv6-M [9], A3.5.5 Memory access restrictions 28 EDK II [6] BasePeCoffLib/BasePeCoff.c:1273…”

mentioning

confidence: 99%

See 2 more Smart Citations

Securing the EDK II Image Loader

Häuser

Cheptsov

2020

2020 Ivannikov Ispras Open Conference (ISPRAS)

View full text Add to dashboard Cite

The Unified Extensible Firmware Interface (UEFI) is a standardised interface between the firmware and the operating system used in all x86-based platforms over the past ten years, which continues to spread to other architectures such as ARM and RISC-V. The UEFI incorporates a modular design based on images containing a driver or an application in a Common Object File Format (COFF) either as a Portable Executable (PE) or as a Terse Executable (TE). The de-facto standard generic UEFI services implementation, including the image loading functionality, is TianoCore EDK II. Its track of security issues shows numerous design and implementation flaws some of which are yet to be addressed. In this paper we outline both the requirements for a secure UEFI Image Loader and the issues of the existing implementation. As an alternative we propose a formally verified Image Loader supporting both PE and TE images with fine-grained hardening enabling a seamless integration with EDK II and subsequently with the other firmwares.

show abstract

Section: B Functional Defects 1) Out-of-bounds Accessesmentioning

confidence: 99%

Section: Astraver Toolsetmentioning

confidence: 99%

mentioning

confidence: 99%

See 1 more Smart Citation

Securing the EDK II Image Loader

Häuser

Cheptsov

2020

2020 Ivannikov Ispras Open Conference (ISPRAS)

View full text Add to dashboard Cite

show abstract

“…The region analysis implemented in the current submission is a conservative over-approximation of context-sensitive flow-insensitive separation analysis with polymorphic regions for deductive verification. It was first described in [3] and later substantially extended in [4]. The conservative approximation is needed because the original analysis generally requires user annotations.…”

Section: Verification Approachmentioning

confidence: 99%

CPA-BAM-Slicing: Block-Abstraction Memoization and Slicing with Region-Based Dependency Analysis

Andrianov

Mutilin

Mandrykin

et al. 2018

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

Our submission to SV-COMP'18 is a composite tool based on software verification framework CPAchecker and static analysis platform Frama-C. The base verifier uses a combination of predicate and explicit value analysis with block-abstraction memoization as the CPA-BAM-BnB tool presented at SV-COMP'17. In this submission we augment the verifier on reachability verification tasks with a slicer that is able to remove those statements that are irrelevant to the reachability of error locations in the analysed program. The slicer is based on contextsensitive flow-insensitive separation analysis with typed polymorphic regions and simple dependency analysis with transitive closures. The resulting analysis preserves reachability modulo possible non-termination while removing enough irrelevant code to achieve considerable speedup of the main analysis. The slicer is implemented as a Frama-C plugin.

show abstract

Deductive Verification of Unmodified Linux Kernel Library Functions

Efremov

Mandrykin

Хорошилов

2018

Leveraging Applications of Formal Methods, Verification and Validation. Verification

View full text Add to dashboard Cite

This paper presents results from the development and evaluation of a deductive verification benchmark consisting of unmodified Linux kernel library functions implementing conventional memory and string operations. The formal contract of the functions was extracted from their source code and was represented in the form of preconditions and postconditions. The correctness of functions was completely proved using AstraVer toolset, although success for functions was achieved using new specification language constructs. Another functions were proved after a minor modification of their source code, while the final one cannot be completely proved using the existing memory model. The benchmark can be used for the testing and evaluation of deductive verification tools and as a starting point for verifying other parts of the Linux kernel.

show abstract

Region analysis for deductive verification of C programs

Cited by 3 publications

References 11 publications

Securing the EDK II Image Loader

Securing the EDK II Image Loader

CPA-BAM-Slicing: Block-Abstraction Memoization and Slicing with Region-Based Dependency Analysis

Deductive Verification of Unmodified Linux Kernel Library Functions

Contact Info

Product

Resources

About