IEEE Access (Jan 2020)

Scalable Static Detection of Use-After-Free Vulnerabilities in Binary Code

  • Kailong Zhu,
  • Yuliang Lu,
  • Hui Huang

DOI
https://doi.org/10.1109/ACCESS.2020.2990197
Journal volume & issue
Vol. 8
pp. 78713 – 78725

Abstract

The number of use-after-free vulnerabilities has been increasing rapidly in recent years, posing a serious threat to computer systems. However, few effective mitigations exist for large-scale binary code. In this study, the authors propose a scalable static approach for detecting use-after-free vulnerabilities in binary code. First, a use-after-free feature model is proposed to guide detection. Then, the binary code of the target program is converted to an intermediate representation, and CFGs (control flow graphs) are constructed. Finally, lightweight pointer tracking is performed to identify the use-after-free vulnerable point. Unlike state-of-the-art approaches, this approach uses function summaries rather than a naive in-lining technique for the inter-procedural analysis in vulnerability detection. It therefore avoids the redundant repeated analysis caused by in-lining in existing approaches and reduces unnecessary performance overhead. The authors have implemented a prototype called UAFDetector and evaluated it using standard benchmarks and real-world programs. The experimental results show that this approach is effective in detecting use-after-free vulnerabilities in binary code and is more efficient and scalable than state-of-the-art static solutions.

Keywords