基于对象的C程序边界安全检测改进技术
기우대상적C정서변계안전검측개진기술
Improved Object-base dApproaches for Bounds Checki ng of C Programs
  • 万方数据
    计算机与现代化 계산궤여현대화
    Computer and Modernization
    2015年 10期 25-30 ,共6页

    马银雪%李文明%陈哲

    마은설%리문명%진철

    运行时验证%基于对象技术%边界检测 運行時驗證%基于對象技術%邊界檢測
    운행시험증%기우대상기술%변계검측
    runtime verification%object-based approach%bounds checking
    C语言对内存操作不进行边界安全检测,这使C程序具有高执行效率,但也产生各种安全问题,例如数组越界、指针访问越界、C 库函数的非法操作等。基于对象的运行时验证技术能实时监测程序的运行行为,自动找出程序中存在的漏洞。在原有基于对象技术的基础上,改进多维数组和结构体变量的地址范围记录方式,用2次地址查询操作检测指针访问,用平衡二叉树优化存储结构。实验结果表明,改进的方法优于传统的基于对象技术。
    C어언대내존조작불진행변계안전검측,저사C정서구유고집행효솔,단야산생각충안전문제,례여수조월계、지침방문월계、C 고함수적비법조작등。기우대상적운행시험증기술능실시감측정서적운행행위,자동조출정서중존재적루동。재원유기우대상기술적기출상,개진다유수조화결구체변량적지지범위기록방식,용2차지지사순조작검측지침방문,용평형이차수우화존저결구。실험결과표명,개진적방법우우전통적기우대상기술。
    C programs are efficient because it did not check memory bounds safety.However, it also brought a lot of security is-sues, such as out of bounds of arrays and pointers, illegal operations of C library functions.Object-based runtime verification ap-proaches can monitor program running and find bugs automatically.We improved the traditional approaches by changing address range records of multidimensional arrays and structure variables, querying address two times to detect pointer access, and using AVL tree for storage structure of records.The experiment shows that our approach is better than traditional ones .
    원문보기 원문다운로드 사이트로이동
저자의 최근 논문