Finding Overflow Errors in Software More Effectively


Guest_Jim_*

Bug testing software can be very difficult, and chances are a tester or analyst is going to miss some bugs, so it is understandable that software tools have been developed to aid in the hunt. One of the more common bugs in software is integer overflow, and researchers at MIT have developed a new tool for finding it.

By the nature of computers, there are limits on the data that can be stored, but sometimes a program may exceed that limit. In the case of integers, when that happens the number will just roll over to the beginning, like a car's odometer. In many instances that might not be a serious issue, but sometimes it can be, and many bugs can also be exploited. To hunt them down, the MIT researchers developed Directed Integer Overflow Detection (DIODE) to track a sample input through a program by adding onto its symbolic expression. Even though the sample input will not cause an overflow, DIODE is able to analyze the symbolic expression to determine an input that will. That input is then tested, as checks are likely in place to prevent such inputs, but DIODE will continue until it finds an input that will get through, or concludes an overflow is impossible.

To test DIODE, the researchers ran it and other algorithms on five open-source programs. The other algorithms identified three overflow bugs, and DIODE found those three and 11 more. DIODE does not need the program to be open source, though, and can run on the binary of a program, so even a user could run it and report their findings to the developers.

Source: MIT
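
The odometer-style rollover and the "checks that an input can still get through" described in the post, shown as an added C example that is not from the original post or from DIODE itself. The image-header scenario, the function names `size_unchecked` and `size_checked`, and the sample values are all hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical scenario: width and height come from an untrusted file header
 * and are used to compute a buffer size at 4 bytes per pixel. */

/* Weak version: each field passes its own sanity check, but the product is
 * computed in 32 bits and silently wraps modulo 2^32. */
bool size_unchecked(uint32_t width, uint32_t height, uint32_t *out)
{
    if (width == 0 || height == 0 || width > 0x10000 || height > 0x10000)
        return false;                 /* per-field sanity check only */
    *out = width * height * 4u;       /* can roll over like an odometer */
    return true;
}

/* Hardened version: reject any input whose product does not fit in 32 bits.
 * Dividing instead of multiplying means the check itself cannot overflow. */
bool size_checked(uint32_t width, uint32_t height, uint32_t *out)
{
    if (width == 0 || height == 0)
        return false;
    if (width > UINT32_MAX / 4u / height)
        return false;                 /* width * height * 4 would overflow */
    *out = width * height * 4u;
    return true;
}

int main(void)
{
    /* Constructed inputs: an ordinary sample, then one that passes the
     * per-field checks while the true size exceeds 32 bits. */
    uint32_t samples[2][2] = { { 640, 480 }, { 0x10000, 0x4001 } };
    for (int i = 0; i < 2; i++) {
        uint32_t w = samples[i][0], h = samples[i][1], n = 0;
        unsigned long long real = 4ULL * w * h;   /* size in 64-bit math */
        bool ok = size_unchecked(w, h, &n);
        printf("%ux%u real=%llu unchecked: ok=%d size=%u\n",
               (unsigned)w, (unsigned)h, real, ok, (unsigned)n);
        ok = size_checked(w, h, &n);
        printf("%ux%u checked: ok=%d\n", (unsigned)w, (unsigned)h, ok);
    }
    return 0;
}
```

The ordinary 640x480 sample never reveals the bug; only the second input, which satisfies both range checks, makes the computed size wrap to a small value, which is why a tool has to derive such inputs rather than rely on samples.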

