Divak: Non-invasive Characterization of Out-Of-Bounds Write Vulnerabilities

Abstract

Despite the high level of automation that fuzzing has brought into the vulnerability research process, assessing the implications of a discovered vulnerability still mostly requires human expertise and intuition. A promising approach to reducing this manual effort is the automatic extraction of vulnerability characteristics that provide vital clues for exploitability. In this work, we focus on out-of-bounds write vulnerabilities and investigate how to automatically distill the set of source code-level objects affected by such unintended writes. As this poses unique challenges with regard to the invasiveness of the analysis methods, we propose a novel approach that enables monitoring a compiled program for spatial memory safety violations without the need for heavy instrumentation. We implement Divak, a prototype of our design, and evaluate it on both benchmarks and real-world vulnerabilities, showing that its detection and characterization capabilities outperform those of instrumentation-based tools in several scenarios, at the cost of increased overhead.
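To make concrete what "the set of source code-level objects affected by an unintended write" means, here is an added, self-contained C example that is not code from the paper or from the Divak prototype. It models a hypothetical stack frame as a byte arena with a constructed object table (`buf`, `canary`, `fn_ptr`, `retaddr` at assumed offsets), simulates an unchecked copy into `buf`, and then reports which neighbouring objects the out-of-bounds portion of the write overlaps. The layout, object names and the interval-overlap check are illustrative assumptions; they show the characterization output a tool of this kind aims to produce, not how Divak computes it.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: a hypothetical frame laid out in a byte arena so the
 * "overflow" is reproducible and stays within a single object (no real UB). */
enum { FRAME_SIZE = 64, MAX_HITS = 8 };

struct obj {
    const char *name;   /* source-level name of the object (assumed) */
    size_t off;         /* offset of the object within the frame */
    size_t size;        /* object size in bytes */
};

/* Hypothetical frame layout, lowest address first. The buffer being
 * overflowed is always frame_objs[0]. */
static const struct obj frame_objs[] = {
    { "buf",      0, 16 },
    { "canary",  16,  8 },
    { "fn_ptr",  24,  8 },
    { "retaddr", 32,  8 },
};
#define N_OBJS (sizeof frame_objs / sizeof frame_objs[0])

/* Collects the names of every object whose bytes overlap [off, off + len).
 * Returns the number of names stored in hits (at most max_hits). */
size_t affected_objects(size_t off, size_t len, const char **hits, size_t max_hits)
{
    size_t n = 0;
    size_t end = off + len;
    for (size_t i = 0; i < N_OBJS && n < max_hits; i++) {
        size_t o_start = frame_objs[i].off;
        size_t o_end   = o_start + frame_objs[i].size;
        if (off < o_end && o_start < end)       /* half-open interval overlap */
            hits[n++] = frame_objs[i].name;
    }
    return n;
}

/* Simulates a strcpy-style unchecked copy of src_len bytes into buf.
 * The copy is clamped to the arena so the example itself stays defined.
 * Returns the number of bytes written past the end of buf. */
size_t vulnerable_copy(unsigned char *frame, const unsigned char *src, size_t src_len)
{
    size_t n = src_len < FRAME_SIZE ? src_len : FRAME_SIZE;
    memcpy(frame + frame_objs[0].off, src, n);
    return n > frame_objs[0].size ? n - frame_objs[0].size : 0;
}

/* Characterizes the unintended part of the write: which objects other than
 * buf receive bytes when src_len bytes are copied into buf. */
size_t oob_affected(size_t src_len, const char **hits, size_t max_hits)
{
    unsigned char frame[FRAME_SIZE];
    unsigned char src[FRAME_SIZE];
    memset(src, 'A', sizeof src);            /* constructed attacker input */
    size_t overflow = vulnerable_copy(frame, src, src_len);
    if (overflow == 0)
        return 0;
    size_t buf_end = frame_objs[0].off + frame_objs[0].size;
    return affected_objects(buf_end, overflow, hits, max_hits);
}

int main(void)
{
    const char *hits[MAX_HITS];
    size_t lens[] = { 12, 30, 40 };
    for (size_t k = 0; k < sizeof lens / sizeof lens[0]; k++) {
        size_t n = oob_affected(lens[k], hits, MAX_HITS);
        printf("copy of %zu bytes into buf[16]: %zu object(s) clobbered", lens[k], n);
        for (size_t i = 0; i < n; i++)
            printf("%s %s", i ? "," : ":", hits[i]);
        printf("\n");
    }
    return 0;
}
```

The interesting output is not that an overflow happened but where it landed: a 30-byte copy reaches `canary` and `fn_ptr` but stops short of `retaddr`, which is exactly the kind of distinction an analyst uses to judge exploitability. An instrumentation-based detector that aborts at the first out-of-bounds byte would report only the violation, not the full set of objects the write touches.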

Type
Conference paper
Publication
Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)