A detecting method of array bounds defects based on symbolic execution

Chun Shan, Shiyou Sun*, Jingfeng Xue, Changzhen Hu, Hongjin Zhu

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

2 Citations (Scopus)

Abstract

Array bounds is the most commonly fault in java programs design, it often leads to wrong results even system crash. To solve these problems, this paper proposed a detecting array bounds method based on symbolic execution. The method generated the abstract syntax tree from the source code, and then created a control flow graph according to the abstract syntax tree. It adopted flaw detectors to detect defects of array bound. Finally, using the standard function to test the ability of this method in detecting array bounds. The results indicated that this method can detect array bounds defects of crossing process indirectly, array bounds defects within process and array bounds defects of crossing process directly very well and it is better than some existing Java methods of detecting array bounds defects.

Original languageEnglish
Title of host publicationNetwork and System Security - 11th International Conference, NSS 2017, Proceedings
EditorsZheng Yan, Refik Molva, Wojciech Mazurczyk, Raimo Kantola
PublisherSpringer Verlag
Pages373-385
Number of pages13
ISBN (Print)9783319647005
DOIs
Publication statusPublished - 2017
Event11th International Conference on Network and System Security, NSS 2017 - Helsinki, Finland
Duration: 21 Aug 201723 Aug 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10394 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference11th International Conference on Network and System Security, NSS 2017
Country/TerritoryFinland
CityHelsinki
Period21/08/1723/08/17

Keywords

  • Array bounds
  • Software security
  • Symbolic execution

Fingerprint

Dive into the research topics of 'A detecting method of array bounds defects based on symbolic execution'. Together they form a unique fingerprint.

Cite this

Shan, C., Sun, S., Xue, J., Hu, C., & Zhu, H. (2017). A detecting method of array bounds defects based on symbolic execution. In Z. Yan, R. Molva, W. Mazurczyk, & R. Kantola (Eds.), Network and System Security - 11th International Conference, NSS 2017, Proceedings (pp. 373-385). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10394 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-64701-2_27