Research and Implementation of embedded application memory detection technology
|School||University of Electronic Science and Technology|
|Keywords||Static Detection Memory error Buffer overflow Pointer validity|
Memory error refers to the application to read and write memory unit, or related operations such as memory allocation and release lead to errors. C / C-based program development, the vast majority of software defects or errors are and memory. Because of its hidden nature, the compiler can not automatically find memory errors. Memory error occurred during the execution of a program is difficult to trace, debugging and running easily interrupted because of memory errors. To avoid the huge losses caused by memory errors, software quality and security requirements during the program design process more and more, the software testing plays an important role. Now there are a lot of static and dynamic inspection techniques and tools used to find the hidden bugs in the program, so as to improve the reliability of the software. This article uses static detection techniques to study the program memory. First through some examples of code memory. Followed by buffer overflow, a detailed analysis of the principle of buffer overflow, buffer overflow attacks using buffer the variable bounds checking and variable value domain analysis of the two methods to detect buffer overflow. The experimental results show that this method has better detection capabilities than previous tools. Discuss then on the validity of the pointer, the mapping between pointer variable and point variable of pointer and pointer state, pointer manipulation validity analysis, pointers finite state machine model, given pointer fault set of operations, in order to determine the operation of a pointer in the program is valid. The experimental results show that this method can effectively detect illegal pointer dereference exception and release memory. Final design and a programming style checks based on the program code and memory error checking the static code detection system, the static analysis methods, this study proposed a buffer overflow detection method and pointer the validity detection method is applied to the system, the experimental results prove this method is effective, and designed and implemented the system has better detection capabilities. This article has some advantages and innovation: (1) the use of variable value domain analysis methods with variable capacity buffer detection and loop statement block the buffer element index value range checking, improved analysis accuracy. (2) detection algorithm based on finite state machine pointer dereference pointer state to determine the validity of pointer operations, and strengthen the analysis of the control flow in the program, so that more accurate test results. (3) static code detection system code programming style analysis, enhanced inspection function, but also expands the scope of the analysis of the problem.