MIT researchers have created a new algorithm to tackle one of the most common bugs in programming: integer overflows. According to the researchers, these errors not only can cause computer programs to crash, but also leave them vulnerable to attack.
“Integer overflow errors are an insidious source of software failures and security vulnerabilities,” they wrote. “Because programs with latent overflow errors often process typical inputs correctly, such errors can easily escape detection during testing, only to appear later in production.”
To solve this problem, the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) researchers have developed a Directed Integer Overflow Discovery Engine (DIODE) to automatically detect integer overflow bugs. The algorithm was tested on five common open-source programs with three known bugs, and DIODE found all three bugs—along with 11 new ones.
“DIODE is designed to identify relevant sanity checks that inputs must satisfy to trigger overflows at target memory allocation sites, then generate inputs that satisfy these sanity checks to successfully trigger the overflow,” the researchers wrote.
An integer overflow itself won’t crash a computer program, according to the researchers. But when a program tries to use an integer that has overflowed, a problem can occur.
“It’s like a car odometer,” said Stelios Sidiroglou-Douskos, a research scientist at CSAIL and one of the authors of the paper. “You go over a certain number of miles, you go back to zero.”
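The two ideas above, a wrap-around at an allocation site and a sanity check that an input must pass to reach it, fit in one small C program. This is an added, constructed example for this article, not code from the DIODE paper or from any of the programs it was tested on: the image-decoder shape, the `MAX_DIM` per-dimension check and every function name are assumptions made here; `__builtin_mul_overflow` is a real GCC/Clang builtin. The point it demonstrates is that a check that bounds each dimension separately does not bound their product, so the 32-bit size computation can still wrap (the odometer) to a value far smaller than the data the program will later write into the buffer.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <stdio.h>

/* Constructed sanity check in the style of a typical image decoder: it bounds
 * each dimension on its own, which still admits products above 2^32. */
#define MAX_DIM 100000u

bool passes_sanity_check(uint32_t w, uint32_t h, uint32_t bpp) {
    return w > 0 && h > 0 && w <= MAX_DIM && h <= MAX_DIM
        && (bpp == 1 || bpp == 3 || bpp == 4);
}

/* Vulnerable pattern: the size is computed in 32-bit arithmetic, which wraps
 * modulo 2^32 silently. If this value feeds malloc(), the buffer is far
 * smaller than the w*h*bpp bytes the decoder will then write into it.
 * The function only returns the (possibly wrapped) number; it allocates nothing. */
uint32_t buffer_size_unchecked(uint32_t w, uint32_t h, uint32_t bpp) {
    return w * h * bpp;
}

/* Hardened version: detect the wrap before the value reaches the allocator. */
bool buffer_size_checked(uint32_t w, uint32_t h, uint32_t bpp, uint32_t *out) {
    uint32_t area, total;
    if (__builtin_mul_overflow(w, h, &area)) return false;
    if (__builtin_mul_overflow(area, bpp, &total)) return false;
    *out = total;
    return true;
}

/* Exact size, or 0 when the computation would wrap (convenience for callers). */
uint32_t buffer_size_or_zero(uint32_t w, uint32_t h, uint32_t bpp) {
    uint32_t n;
    return buffer_size_checked(w, h, bpp, &n) ? n : 0;
}

/* Allocation site with both checks in front of it: the original sanity check
 * plus the overflow check. Returns NULL instead of an undersized buffer. */
void *alloc_pixels_safe(uint32_t w, uint32_t h, uint32_t bpp) {
    uint32_t n;
    if (!passes_sanity_check(w, h, bpp)) return NULL;
    if (!buffer_size_checked(w, h, bpp, &n)) return NULL;
    return malloc(n);
}

int main(void) {
    /* Constructed input: each dimension is within MAX_DIM, so the sanity
     * check passes, yet 65536 * 65537 * 4 = 2^34 + 2^18 exceeds 2^32. */
    uint32_t w = 65536, h = 65537, bpp = 4;
    printf("sanity check: %s\n", passes_sanity_check(w, h, bpp) ? "pass" : "fail");
    printf("unchecked 32-bit size: %u (exact: %llu)\n",
           buffer_size_unchecked(w, h, bpp),
           (unsigned long long)w * h * bpp);
    printf("checked size: %s\n",
           buffer_size_or_zero(w, h, bpp) ? "ok" : "overflow rejected");
    return 0;
}
```

With the constructed input the unchecked computation yields 262144 bytes where the exact size is 17180131328, which is exactly the situation DIODE's generated inputs are meant to expose; the checked version refuses the input before `malloc` is reached.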
In addition to DIODE, the researchers have developed CodePhage, an automatic code transfer system that eliminates integer overflow errors once DIODE finds them.
“Combining CodePhage with DIODE produces a system that automatically discovers and eliminates integer overflow errors: DIODE generates inputs that expose errors; CodePhage uses these inputs to locate and transfer code from donor applications to eliminate the errors,” the researchers wrote.