HDR-Fuzz: Detecting Buffer Overruns using AddressSanitizer Instrumentation and Fuzzing

Buffer-overruns are a prevalent vulnerability in software libraries and applications. Fuzz testing is one of the effective techniques to detect vulnerabilities in general. Greybox fuzzers such as AFL automatically generate a sequence of test inputs for a given program using a fitness-guided search process. A recently proposed approach in the literature introduced a buffer-overrun specific fitness metric called "headroom", which tracks how close each generated test input comes to exposing the vulnerabilities. That approach showed good initial promise, but is somewhat imprecise and expensive due to its reliance on conservative points-to analysis. Inspired by the approach above, in this paper we propose a new ground-up approach for detecting buffer-overrun vulnerabilities. This approach uses an extended version of ASAN (Address Sanitizer) that runs in parallel with the fuzzer, and reports back to the fuzzer test inputs that happen to come closer to exposing buffer-overrun vulnerabilities. The ASAN-style instrumentation is precise as it has no dependence on points-to analysis. We describe in this paper our approach, as well as an implementation and evaluation of the approach.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
05/17/2023

Statically Detecting Buffer Overflow in Cross-language Android Applications Written in Java and C/C++

Many applications are being written in more than one language to take ad...
research
12/30/2020

Stack-based Buffer Overflow Detection using Recurrent Neural Networks

Detecting vulnerabilities in software is a critical challenge in the dev...
research
11/29/2017

Senx: Sound Patch Generation for Security Vulnerabilities

Many techniques have been proposed for automatic patch generation and th...
research
06/01/2017

Static Exploration of Taint-Style Vulnerabilities Found by Fuzzing

Taint-style vulnerabilities comprise a majority of fuzzer discovered pro...
research
10/09/2022

A unit-based symbolic execution method for detecting memory corruption vulnerabilities in executable codes

Memory corruption is a serious class of software vulnerabilities, which ...
research
09/17/2019

Variable Record Table: A Run-time Solution for Mitigating Buffer Overflow Attack

We present a novel approach to mitigate buffer overflow attack using Var...
research
05/22/2021

An Algorithm for Reordering Buffer Management Problem and Experimental Evaluations on Discrete Distributions

In the reordering buffer management problem, a sequence of requests must...

Please sign up or login with your details

Forgot password? Click here to reset