Browse Prior Art Database

Predicting Buffer Overflows Using Shimming Technology

IP.com Disclosure Number: IPCOM000133490D
Original Publication Date: 2006-Jan-26
Included in the Prior Art Database: 2006-Jan-26

Publishing Venue

Microsoft

Related People

Inventors:
David L. Christiansen Mark T. Hanson William H. Shihara

Abstract

Buffer overflows are predicted first by identifying buffer-overflow prone APIs, next by estimating the maximum input buffer size of the identified APIs, and then by validating the estimated maximum input buffer size against the size of the input buffer that is declared by the input parameters that are passed to the identified APIs. Shimming technology is employed to intercept the input parameters that are passed to APIs, thereby enabling the prediction method to use the intercepted input parameters for predicting buffer overflows.