C库中易受缓冲区溢出攻击的脆弱函数分析
Analysis of C Functions Vulnerable to Buffer Overflow
-
摘要: 为了编写更安全的C程序和提高已有C程序的安全性,对C库函数中易受缓冲区溢出攻击的脆弱函数进行了分析,分析它们可能产生缓冲区溢出时的特征及如何避免缓冲区溢出.实现了一种缓冲区溢出检测工具,能较准确地检测到C目的程序中的缓冲区溢出漏洞,分析结果具有实用价值.Abstract: In order to produce more secure C programs, and to improve the security of existed C programs, C library functions that are vulnerable to buffer overflow attack are analyzed. They are analyzed to obtain the features when they are used in a vulnerable way, and suggestions are given to avoid the vulnerable way. A buffer overflow detection tool that makes use of the analysis result can detect buffer overflow in C binary programs. The analysis result is practica1.