Study on Buffer Overrun Detection Using Linear Programming

This paper addresses the issue of identifying buffer overrun vulnerabilities using linear programming literature. It models the string and security functions in C language by integer range constraints system, then solve it by linear programming theory. And a fast solver is presented to find the bounds of the constraints system, which is used to identify the overrun vulnerabilities. Finally built a prototype and used it to check wu-ftp-2.6.2, and the results show that it is feasible, effective, and can solve the problem in linear time.