Precise and Efficient: A Hybrid Analysis-Based Stack Overflow Detection Model under MIPS

Yichuan Wang, Chenhao Huang, Tong Zhang, Li Zhao, Zhendong Gu, Gangyang Li

2023 IEEE Smart World Congress (SWC) (2023)

Abstract
Although vulnerability detection techniques for the MIPS platform can detect stack overflow vulnerabilities, stack overflows that involve stack frame changes are complex and hard to recover. The inputs generated by fuzz testing techniques are inefficient, and it is difficult to recover the crash site after a crash is generated. Under hybrid analysis techniques, it is a challenge to preserve the runtime stack context and establish effective constraints, which usually makes path solving inefficient and affects the accuracy of the analysis results. This paper proposes a method that combines hybrid analysis, including taint analysis, to detect stack overflow vulnerabilities. The method ensures accuracy while reducing the number of execution paths. The three stack overflow vulnerabilities in the routed firmware selected for testing are successfully detected, and the number of detected paths is kept to about 10. In addition, the method is designed to decouple the vulnerability location and detection modules, providing a basis for subsequent research on a common vulnerability detection platform.
Keywords
vulnerability discovery,MIPS,embedded security,binary security,binary analysis