Automated System Integrity Flaw Detection

IP.com Disclosure Number: IPCOM000111244D
Original Publication Date: 1994-Feb-01
Included in the Prior Art Database: 2005-Mar-26
Document File: 2 page(s) / 89K

Publishing Venue

IBM

Related People

Schmitz, KD: AUTHOR [+2]

Abstract

Disclosed is a method of identifying MVS/ESA* computer program instructions that potentially create system integrity exposures via their memory (storage) access. Storage access integrity violations are created when unauthorized programs read from or write into protected system storage.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

      The technique presented here is used by a computer program to
examine another program module for exposures.  This tool will be
referred to in this disclosure as the "scanner".

      Since the majority of instructions making storage references
use either a base or index register, the scanner maintains status
information for each register that indicates whether the register can
be trusted or not.  Each instruction in the program is examined to
see whether it makes storage references based on untrusted registers.
In addition, each instruction may change the status information of
several registers.

The automated scanner performs the following steps on an object
module:

1.  It establishes initial settings for the value and status of the
    16 general purpose registers.  A register's status may be trusted
    or untrusted.  The initialization is determined by the type of
    routine that is being scanned (Program Call or Supervisor Call).

2.  It scans through an object module one instruction at a time.  For
    each instruction, the scanner performs the following processing:

    o   Determines which registers are being used in the instruction.
        This is accomplished using tables that tell the scanner how
        to parse various instructions.

    o   Identifies the instruction as a potential exposure if any
        register it uses is untrusted.

    o   Determines whether execution of this instruction changes the
        trusted status of any register.

    o   For branch instructions the following occurs:

        a.  The branch target address is determined, if possible.

        b.  For conditional branch instructions one path is selected
            and information representing the other path is stored on
            a stack for later processing (as described further
            below).

        c.  A method for loop detection is employed (as described
            further below).

    o   It determines whether the instruction influences the value of
        any register.  An instruction can modify a register in three
        ways:

        -   The value may be derived from the instruction being
            scanned without needing to know a...
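
The register-status tracking, the stack of deferred branch paths and the loop check from the steps above, as an added example that is not code from the disclosure. The instruction tuples, the status-propagation rules, the entry state passed in by the caller and the visited-set loop check are all assumptions made for illustration; only registers that form a storage address are checked.

```python
# Toy model of the scanner's register-trust tracking. The instruction tuples,
# the propagation rules and the loop check are assumptions, not the disclosure's.
# Instruction: (op, dest, addr_regs, target)
#   "LA": dest = value built without a storage read -> dest becomes trusted
#   "L" : dest = storage[addr_regs] -> dest trusted only if all addr_regs are
#   "ST": storage[addr_regs] = dest -> no register status change
#   "BC": conditional branch to index `target`; "B": unconditional; "END": stop

def scan(program, untrusted_at_entry):
    """Return sorted instruction indexes that address storage via an untrusted register."""
    pending = [(0, frozenset(untrusted_at_entry))]  # stack of (pc, untrusted set)
    seen = set()        # loop detection: (pc, status) pairs already scanned
    exposures = set()
    while pending:
        pc, untrusted = pending.pop()
        while 0 <= pc < len(program) and (pc, untrusted) not in seen:
            seen.add((pc, untrusted))
            op, dest, addr_regs, target = program[pc]
            tainted = any(r in untrusted for r in addr_regs)
            if op in ("L", "ST") and tainted:
                exposures.add(pc)                    # potential exposure
            if op == "LA":
                untrusted = untrusted - {dest}
            elif op == "L":
                untrusted = untrusted | {dest} if tainted else untrusted - {dest}
            if op == "END":
                break
            if op == "BC":
                pending.append((target, untrusted))  # other path, scanned later
            pc = target if op == "B" else pc + 1
    return sorted(exposures)

# Constructed sample: R1 is caller-supplied (untrusted), R13 is system-owned.
SAMPLE = [
    ("L",   2,    (1,),  None),  # 0: load via R1: exposure, R2 now untrusted
    ("BC",  None, (),    4),     # 1: conditional branch to 4
    ("LA",  2,    (),    None),  # 2: R2 rebuilt without storage: trusted again
    ("ST",  3,    (2,),  None),  # 3: store via R2: clean on this path
    ("ST",  3,    (2,),  None),  # 4: store via R2: exposure when reached from 1
    ("L",   4,    (13,), None),  # 5: load via trusted R13: clean
    ("BC",  None, (),    0),     # 6: backward branch, ended by the loop check
    ("END", None, (),    None),  # 7
]

if __name__ == "__main__":
    print(scan(SAMPLE, untrusted_at_entry={1}))
```

Instruction 4 is flagged only on the path that skips instruction 2, which is why the register status has to be saved with each deferred branch path rather than kept globally.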