UBITect: A Precise and Scalable Method to Detect Use-before-Initialization... Video ESECFSE 2020

UBITect: A Precise and Scalable Method to Detect Use-before-Initialization Bugs in Linux Kernel Video ESECFSE 2020 Yizhuo Zhai Yu Hao Hang Zhang Daimeng Wang Chengyu Song Zhiyun Qian Mohsen Lesani Srikanth V.
Krishnamurthy and Paul Yu University of California at Riverside USA University of California at Riverside USA University of California at Riverside USA University of California at Riverside USA University of California at Riverside USA University of California at Riverside USA University of California at Riverside USA University of California at Riverside USA U.S.
Army Research Laboratory USA Abstract: Use-before-Initialization UBI bugs in the Linux kernel have serious security impacts such as information leakage and privilege escalation.
Developers are adopting forced initialization to cope with UBI bugs but this approach can still lead to undefined behaviors e.g.
NULL pointer dereference.
As it is hard to infer correct initialization values we believe that the best way to mitigate UBI bugs is detection and manual patching.
Precise detection of UBI bugs requires path-sensitive analysis.
The detector needs to track an associated variables initialization status along all the possible program execution paths to its uses.
However such exhaustive analysis prevents the detection from scaling to the whole Linux kernel.
This paper presents UBITect a UBI bug finding tool which combines flow-sensitive type qualifier analysis and symbolic execution to perform precise and scalable UBI bug detection.
The scalable qualifier analysis guides symbolic execution to analyze variables that are likely to cause UBI bugs.
UBITect also does not require manual effort for annotations and hence it can be directly applied to the kernel without any source code or intermediate representation IR change.
On the Linux kernel version 4.14 UBITect reported 190 bugs among which 78 bugs were deemed by us as true positives and 52 were confirmed by Linux maintainers. Article: Supplementary archive: Badges: Artifacts Available Artifacts Evaluated Functional Supplementary web page: ORCID: Submitted to the conference by Yizhuo Zhai on 2020-11-02 Video Tags: Use-before-Initialization bug detection type qualifier symbolic execution fse20main-p172-p DOI: 10.11453368089.3409686 DOI: 10.5281zenodo.3905204 ORCID: 0000-0003-1577-3914 Artifacts Available Artifacts Evaluated Functional Presentation at the ESECFSE 2020 conference November 813 2020 Sponsored by ACM SIGSOFT Twitter: Reddit:

Источник: rutube.ru