Advanced Search
DSpace@MIT

Targeted Automatic Integer Overflow Discovery Using Goal-Directed Conditional Branch Enforcement

Research and Teaching Output of the MIT Community

Show simple item record

dc.contributor.author Sidiroglou-Douskos, Stelios
dc.contributor.author Lahtinen, Eric
dc.contributor.author Piselli, Paolo
dc.contributor.author Long, Fan
dc.contributor.author Kim, Deokhwan
dc.contributor.author Rinard, Martin C.
dc.contributor.author Rittenhouse, Nathan (Nathan W.)
dc.date.accessioned 2015-03-24T18:38:23Z
dc.date.available 2015-03-24T18:38:23Z
dc.date.issued 2015-03
dc.identifier.isbn 9781450328357
dc.identifier.uri http://hdl.handle.net/1721.1/96155
dc.description.abstract We present a new technique and system, DIODE, for auto- matically generating inputs that trigger overflows at memory allocation sites. DIODE is designed to identify relevant sanity checks that inputs must satisfy to trigger overflows at target memory allocation sites, then generate inputs that satisfy these sanity checks to successfully trigger the overflow. DIODE works with off-the-shelf, production x86 binaries. Our results show that, for our benchmark set of applications, and for every target memory allocation site exercised by our seed inputs (which the applications process correctly with no overflows), either 1) DIODE is able to generate an input that triggers an overflow at that site or 2) there is no input that would trigger an overflow for the observed target expression at that site. en_US
dc.description.sponsorship United States. Defense Advanced Research Projects Agency (Grant FA8650-11-C-7192) en_US
dc.language.iso en_US
dc.publisher Association for Computing Machinery (ACM) en_US
dc.relation.isversionof http://dx.doi.org/10.1145/2694344.2694389 en_US
dc.rights Creative Commons Attribution-Noncommercial-Share Alike en_US
dc.rights.uri http://creativecommons.org/licenses/by-nc-sa/4.0/ en_US
dc.source Sidiroglou-Douskos, Stelios en_US
dc.title Targeted Automatic Integer Overflow Discovery Using Goal-Directed Conditional Branch Enforcement en_US
dc.type Article en_US
dc.identifier.citation Sidiroglou-Douskos, Stelios et al. “Targeted Automatic Integer Overflow Discovery Using Goal-Directed Conditional Branch Enforcement.” Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2015) (March 2015): 473–486. en_US
dc.contributor.department Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory en_US
dc.contributor.department Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science en_US
dc.contributor.mitauthor Long, Fan en_US
dc.contributor.mitauthor Kim, Deokhwan en_US
dc.contributor.mitauthor Rinard, Martin C. en_US
dc.contributor.mitauthor Sidiroglou-Douskos, Stelios en_US
dc.contributor.mitauthor Lahtinen, Eric en_US
dc.contributor.mitauthor Rittenhouse, Nathan (Nathan W.) en_US
dc.contributor.mitauthor Piselli, Paolo en_US
dc.relation.journal Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2015) en_US
dc.identifier.mitlicense OPEN_ACCESS_POLICY en_US
dc.eprint.version Author's final manuscript en_US
dc.type.uri http://purl.org/eprint/type/ConferencePaper en_US
eprint.status http://purl.org/eprint/status/NonPeerReviewed en_US
dspace.orderedauthors Sidiroglou-Douskos, Stelios; Lahtinen, Eric; Rittenhouse, Nathan; Piselli, Paolo; Long, Fan; Kim, Deokhwan; Rinard, Martin en_US
dc.identifier.orcid https://orcid.org/0000-0002-6232-3118
dc.identifier.orcid https://orcid.org/0000-0001-8195-4145
dc.identifier.orcid https://orcid.org/0000-0001-8095-8523


Files in this item

Name Size Format
Downloadable Full Text - PDF

This item appears in the following Collection(s)

Show simple item record

Creative Commons Attribution-Noncommercial-Share Alike Except where otherwise noted, this item's license is described as Creative Commons Attribution-Noncommercial-Share Alike
Open Access