Predicting Buffer Overflows Using Shimming Technology
Original Publication Date: 2006-Jan-26
Included in the Prior Art Database: 2006-Jan-26
Buffer overflows are predicted first by identifying buffer-overflow prone APIs, next by estimating the maximum input buffer size of the identified APIs, and then by validating the estimated maximum input buffer size against the size of the input buffer that is declared by the input parameters that are passed to the identified APIs. Shimming technology is employed to intercept the input parameters that are passed to APIs, thereby enabling the prediction method to use the intercepted input parameters for predicting buffer overflows.