Adapting input to find integer overflows
First Claim
Patent Images
1. One or more computer-readable storage media comprising processor-executable instructions for evaluating an application for security risks due to memory allocations, the processor-executable instructions comprising instructions for:
- finding a relationship between data input to the application and memory allocation requests made by the application;
calculating input data, using the relationship, wherein the input data is calculated to test for a memory allocation request that results in a math error during operation of the application;
executing a memory allocation-requesting module within the application, using the calculated input data to calculate a memory allocation request; and
determining if the application erroneously calculated the memory allocation request by allowing overrun of a buffer defined in system memory of a computer system.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are described for use in evaluating an application for security risks related to integer overflow conditions in conjunction with memory allocations. The evaluation includes finding a relationship between data input to the application and memory allocation requests made by the application. Having established the relationship, a memory allocation-requesting module within the application is tested, using input data selected using the relationship.
-
Citations
35 Claims
-
1. One or more computer-readable storage media comprising processor-executable instructions for evaluating an application for security risks due to memory allocations, the processor-executable instructions comprising instructions for:
-
finding a relationship between data input to the application and memory allocation requests made by the application; calculating input data, using the relationship, wherein the input data is calculated to test for a memory allocation request that results in a math error during operation of the application; executing a memory allocation-requesting module within the application, using the calculated input data to calculate a memory allocation request; and determining if the application erroneously calculated the memory allocation request by allowing overrun of a buffer defined in system memory of a computer system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. One or more computer-readable storage media comprising processor-executable instructions for managing memory allocations, the processor-executable instructions comprising instructions for:
-
establishing a procedure by which memory allocation requests may be predicted based on input to an application; selecting input data using the procedure, wherein the input data is selected to test for an integer overflow during operation of the application; and supplying the selected input data to the application; executing a memory allocation request within the application based on the selected input data supplied to the application; and determining if the application erroneously calculated the memory allocation request to allow overrun of a buffer defined in system memory of a computer system. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A test apparatus to test memory allocation requests made by an application, the test apparatus defined in one or more computer-readable storage media and comprising:
-
tools interfaced to the application to monitor memory allocation requests made by a memory allocation-requesting module within the application; a data analyzer for finding a relationship between input data and a size of the memory allocation requests, wherein the relationship is configured to allow prediction of memory allocation requests for given input data, and the data analyzer is configured for; executing the memory allocation-requesting module two or more times to find two or more points of reference wherein each point of reference is associated with a memory allocation request; and fitting a curve to the two or more points of reference; a data generator for generating data to be input to the application, wherein the data is generated according to the relationship and selected in a manner to test for an integer overflow during operation of the application, and wherein the data is input to the application for use by the memory allocation-requesting module within the application; and an allocation request evaluator configured to determine if operation of the application using the memory allocation request would result in integer overflow and to determine if a size of the memory allocation request was erroneous. - View Dependent Claims (25, 26, 27, 28)
-
-
29. A test apparatus to test memory allocation requests made by an application, the test apparatus defined in one or more computer-readable storage media and comprising:
-
means for predicting a memory allocation request by examination of results of at least two inputs to an application resulting in memory allocation requests, wherein the means for predicting comprises; means for deriving a formula relating input data and memory allocation requests; and means for solving the formula to obtain an input likely to cause integer overflow within the application; and means for selecting input data according to the means for predicting a memory allocation request, wherein the selected input data tests the application'"'"'s ability to correctly process data intended to result in integer overflow. - View Dependent Claims (30, 31)
-
-
32. A method for evaluating an application for security risks, the method comprising:
-
finding a relationship between input data and memory allocation requests; executing a memory allocation-requesting module within the application to obtain a memory allocation request, wherein input data which was provided to the application was selected by using the relationship and was calculated to test for math errors within the application; and evaluating the memory allocation request for evidence of math errors; wherein the evaluation of the application for security risks is performed within an operating system environment. - View Dependent Claims (33, 34, 35)
-
Specification