Patch-Related Vulnerability Detection Based on Symbolic Execution

Weizhong Qiang; Yuehua Liao; Guozhong Sun; Laurence T. Yang; Deqing Zou; Hai Jin

doi:10.1109/ACCESS.2017.2676161

IEEE Access (Jan 2017)

Patch-Related Vulnerability Detection Based on Symbolic Execution

Weizhong Qiang,
Yuehua Liao,
Guozhong Sun,
Laurence T. Yang,
Deqing Zou,
Hai Jin

Affiliations

Weizhong Qiang: ORCiD; Cluster and Grid Computing Laboratory, Services Computing Technology and System Lab, Big Data Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China
Yuehua Liao: Cluster and Grid Computing Laboratory, Services Computing Technology and System Lab, Big Data Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China
Guozhong Sun: Dawning Information Industry (Beijing) Co., Ltd., Beijing, China
Laurence T. Yang: School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China
Deqing Zou: Cluster and Grid Computing Laboratory, Services Computing Technology and System Lab, Big Data Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China
Hai Jin: Cluster and Grid Computing Laboratory, Services Computing Technology and System Lab, Big Data Technology and System Lab, School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, China

DOI: https://doi.org/10.1109/ACCESS.2017.2676161
Journal volume & issue: Vol. 5
pp. 20777 – 20784

Abstract

Read online

During the lifecycle of a software system, software patches are committed to software repositories to fix discovered bugs or append new features. Unfortunately, the patches may bring new bugs or vulnerabilities, which could break the stability and security of the software system. A study shows that more than 15% of software patches are erroneous due to poor testing. In this paper, we present a novel approach for automatically determining whether a patch brings new vulnerabilities. Our approach combines symbolic execution with data flow analysis and static analysis, which allows a quick check of patch-related codes. We focus on typical memory-related vulnerabilities, including buffer overflows, memory leaks, uninitialized data, and dangling pointers. We have implemented our approach as a tool called KPSec, which we used to test a set of real-world software patches. Our experimental results show that our approach can effectively identify typical memory-related vulnerabilities introduced by the patches and improve the security of the updated software.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords