Analyzing Stripped Device-Driver Executables
نویسندگان
چکیده
This paper sketches the design and implementation of DeviceDriver Analyzer for x86 (DDA/x86), a prototype analysis tool for finding bugs in stripped Windows device-driver executables (i.e., when neither source code nor symbol-table/debugging information is available), and presents a case study. DDA/x86 was able to find known bugs (previously discovered by source-code-based analysis tools) along with useful error traces, while having a reasonably low false-positive rate. This work represents the first known application of automatic program verification/analysis to stripped industrial executables, and allows one to check that an executable does not violate known API usage rules (rather than simply trusting that the implementation is correct).
منابع مشابه
Recency-Abstraction for Heap-Allocated Storage
In this paper, we present an abstraction for heap-allocated storage, called the recency-abstraction, that allows abstract-interpretation algorithms to recover some non-trivial information for heap-allocated data objects. As an application of the recency-abstraction, we show how it can resolve virtual-function calls in stripped executables (i.e., executables from which debugging information has ...
متن کاملVisual Analysis of Control Coupling for Executables
Program comprehension of stripped executables is hard because neither modules and function names, nor any other structural information are available. We introduce an algorithm that, using morphological operations, highlights fan-in, fan-out, and module coupling in the adjacency matrix of the control flow graph and thus allows initial orientation at function level. This paper introduces the stru...
متن کاملA System for Generating Static Analyzers for Machine Instructions
There is growing interest in analyzing executables to look for bugs and security vulnerabilities. This paper describes the design and implementation of a language for describing the semantics of an instruction set, along with a runtime system to support the static analysis of executables written in that instruction set. The work advances the state of the art by creating multiple analysis phases...
متن کاملRecovery of Variables and Heap Structure in x86 Executables
This paper addresses two problems that arise when analyzing executables: (1) recovering variable-like quantities in the absence of symbol-table and debugging information, and (2) recovering useful information about objects allocated in the heap.
متن کاملEvaluation of cruciate and slot auxiliary screw head design modifications for extracting stripped screw heads.
Slotted and cruciate auxiliary screw head design modifications for "salvaging" a stripped hexagonal head screw were studied. Thirty screws were divided into 3 groups: Group 1 = control without modification, Group 2 = auxiliary cruciate design modification and Group 3 = auxiliary slot design modification. Screws were inserted into adhesive filled high-density synthetic bone tunnels using a hexag...
متن کامل