TUM Logo

AbsIntIO: Towards Showing the Absence of Integer Overflows in Binaries using Abstract Interpretation

In the past years, the CWE-190 integer overflow led to many vulnerabilities. Program verification techniques such as Abstract Interpretation can show that no such bug is present in a given program. To date, such techniques often aim to verify the correctness of source code. However, as the source code is not always available or might not have been subject to such an analysis, it is advisable to apply abstract integer range analysis to the binary. However, analyzing binaries imposes other challenges which are not always addressed accurately by existing analysis tools. As an example, some tools fail to model bitwise operators, recover type information or do not account for compiler optimizations. We propose techniques to address these limitations and illustrate their effects in our configurable reference implementation AbsIntIO. AbsIntIO applies abstract integer range analysis to binaries with the goal to show that no integer overflow is possible. We evaluate the effects of the improvements and observed a reduction of the error rates. Hence, the improvements provide a step towards verifying the correctness of binaries.

AbsIntIO: Towards Showing the Absence of Integer Overflows in Binaries using Abstract Interpretation

ASIA CCS '23: ACM ASIA Conference on Computer and Communications Security, Melbourne, VIC, Australia, July 2023

Authors: Alexander Kuechler, Leon Wenning, and Florian Wendland
Year/month: 2023/7
Booktitle: ASIA CCS '23: ACM ASIA Conference on Computer and Communications Security, Melbourne, VIC, Australia, July 2023
Fulltext: click here

Abstract

In the past years, the CWE-190 integer overflow led to many vulnerabilities. Program verification techniques such as Abstract Interpretation can show that no such bug is present in a given program. To date, such techniques often aim to verify the correctness of source code. However, as the source code is not always available or might not have been subject to such an analysis, it is advisable to apply abstract integer range analysis to the binary. However, analyzing binaries imposes other challenges which are not always addressed accurately by existing analysis tools. As an example, some tools fail to model bitwise operators, recover type information or do not account for compiler optimizations. We propose techniques to address these limitations and illustrate their effects in our configurable reference implementation AbsIntIO. AbsIntIO applies abstract integer range analysis to binaries with the goal to show that no integer overflow is possible. We evaluate the effects of the improvements and observed a reduction of the error rates. Hence, the improvements provide a step towards verifying the correctness of binaries.

Bibtex:

@inproceedings {
author = { Alexander Kuechler and Leon Wenning and Florian Wendland},
title = { AbsIntIO: Towards Showing the Absence of Integer Overflows in Binaries using Abstract Interpretation },
year = { 2023 },
month = { July },
booktitle = { ASIA CCS '23: ACM ASIA Conference on Computer and Communications Security, Melbourne, VIC, Australia, July 2023 },
url = { https://doi.org/10.1145/3579856.3582814 },

}