Buffer overflow vulnerability detection and patch generation system and method
US8037529B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Mar 19, 2008 |
| Grant date | Oct 11, 2011 |
| Priority date | — |
| Expiry date | Jun 28, 2030 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F21/577
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A computer-implemented method includes identifying a buffer overflow vulnerability in a vulnerable program including identifying a victim buffer creation site that created a victim buffer and identifying a vulnerability site that overflowed the victim buffer. A patch is created for the vulnerable program to prevent the vulnerability site from overflowing a potential victim buffer created by the victim buffer creation site. In this manner, the information obtained in identifying the buffer overflow vulnerability is used to automatically derive a patch that accurately seals the vulnerability, greatly reduces the false positive and negative rate, while at the same time shortens the response time to new threats.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.