poster

GARUDA: heap aware symbolic execution

Authors:

Ajinkya Rajput,

Kanchi GopinathAuthors Info & Claims

ICSE '22: Proceedings of the ACM/IEEE 44th International Conference on Software Engineering: Companion Proceedings

Pages 352 - 353

https://doi.org/10.1145/3510454.3528650

Published: 19 October 2022 Publication History

Get Access

Abstract

Symbolic execution is a widely employed technique in vulnerability detection. However, it faces an acute problem of state space explosion when analyzing programs that dynamically allocate memory. In this work we present GARUDA that makes the symbolic execution heap-aware to mitigate the state space explosion problem. We show that GARUDA can detect vulnerabilities in real-world software and can generate inputs to trigger two more safety violations than the winner of the TestComp2021 testing competition in the heap safety category of TestComp2021 benchmarks.

References

[1]

Dirk Beyer. 2019. International Competition on Software Testing (Test-Comp). In Tools and Algorithms for the Construction and Analysis of Systems, Dirk Beyer, Marieke Huisman, Fabrice Kordon, and Bernhard Steffen (Eds.). Springer International Publishing, Cham, 167--175.

Google Scholar

[2]

Patrice Godefroid, Nils Klarlund, and Koushik Sen. 2005. DART: directed automated random testing. In Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation. 213--223.

Digital Library

Google Scholar

[3]

James C King. 1976. Symbolic execution and program testing. Commun. ACM 19, 7 (1976), 385--394.

Digital Library

Google Scholar

[4]

Ajinkya Rajput and K. Gopinath. 2022. GARUDA: Heap aware symbolic execution. (2022). http://clweb.csa.iisc.ac.in/ajinkya/garuda_paper.pdf

Digital Library

Google Scholar

[5]

Yan Shoshitaishvili, Ruoyu Wang, Christopher Salls, Nick Stephens, Mario Polino, Audrey Dutcher, John Grosen, Siji Feng, Christophe Hauser, Christopher Kruegel, and Giovanni Vigna. 2016. SoK: (State of) The Art of War: Offensive Techniques in Binary Analysis. In IEEE Symposium on Security and Privacy.

Crossref

Google Scholar

Index Terms

GARUDA: heap aware symbolic execution
1. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Formal software verification
      2. Software defect analysis
        Software testing and debugging
  2. Software organization and properties
    1. Software functional properties
      1. Formal methods
2. Theory of computation
  1. Semantics and reasoning
    1. Program reasoning

Index terms have been assigned to the content through auto-classification.

Recommendations

CRAXfuzz: Target-Aware Symbolic Fuzz Testing
COMPSAC '15: Proceedings of the 2015 IEEE 39th Annual Computer Software and Applications Conference - Volume 02

Vulnerabilities are caused by implementation bugs, such as buffer overflow, integer overflow, uncontrolled format strings, and command injection flaws. They are often exploited to intrude software systems. In order to reduce software bugs, testing ...
Improving function coverage with munch: a hybrid fuzzing and directed symbolic execution approach
SAC '18: Proceedings of the 33rd Annual ACM Symposium on Applied Computing

Fuzzing and symbolic execution are popular techniques for finding vulnerabilities and generating test-cases for programs. Fuzzing, a blackbox method that mutates seed input values, is generally incapable of generating diverse inputs that exercise all ...
RELEASE: Generating Exploits Using Loop-Aware Concolic Execution
SSIRI '11: Proceedings of the 2011 Fifth International Conference on Secure Software Integration and Reliability Improvement

Automatically finding vulnerabilities and even generating exploits are desirable for software testing. For the protection of intellectual property and copyright, programs being tested may be lack of source code and symbol table information. Concolic ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ICSE '22: Proceedings of the ACM/IEEE 44th International Conference on Software Engineering: Companion Proceedings

May 2022

394 pages

ISBN:9781450392235

DOI:10.1145/3510454

General Chair:
Matthew B Dwyer
University of Virginia

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

In-Cooperation

IEEE CS

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 19 October 2022

Check for updates

Author Tags

Qualifiers

Poster

Conference

ICSE '22

Sponsor:

SIGSOFT

ICSE '22: 44th International Conference on Software Engineering

May 21 - 29, 2022

Pennsylvania, Pittsburgh

Acceptance Rates

Overall Acceptance Rate 276 of 1,856 submissions, 15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
63
Total Downloads

Downloads (Last 12 months)21
Downloads (Last 6 weeks)0

Reflects downloads up to 14 Jan 2025

Other Metrics

View Author Metrics

Citations

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Index Terms

Recommendations

CRAXfuzz: Target-Aware Symbolic Fuzz Testing

Improving function coverage with munch: a hybrid fuzzing and directed symbolic execution approach

RELEASE: Generating Exploits Using Loop-Aware Concolic Execution