Assisting in Auditing of Buffer Overflow Vulnerabilities via Machine Learning

<table class="algorithm-group"><tr><td><table class="algorithm" id="alg2"><tr><td colspan="2"><svg height="11.5564pt" id="M84" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 15.3928 11.5564" width="15.3928pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M300 -147C201 -63 143 98 143 270S200 602 300 686L282 710C136 610 70 450 70 271V270C70 89 136 -72 282 -170L300 -147Z" id="g113-41"></path></g><g transform="matrix(.013,0,0,-0.013,4.498,0)"><path d="M384 0V27C293 34 287 42 287 114V635C232 613 172 594 109 583V559L157 557C201 555 205 550 205 499V114C205 42 199 34 109 27V0H384Z" id="g113-50"></path></g><g transform="matrix(.013,0,0,-0.013,10.738,0)"><path d="M275 270C275 450 212 609 64 710L45 686C145 604 203 442 203 270S147 -63 45 -147L64 -170C213 -68 275 89 275 270Z" id="g113-42"></path></g></svg><span style="margin-left:0.33333333333333331em"></span>if(bytes_per_pixel <svg height="7.88973pt" id="M85" style="vertical-align:-0.6370101pt" version="1.1" viewbox="-0.0498162 -7.25272 7.75925 7.88973" width="7.75925pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M512 230V281L75 514V456L453 256V254L75 55V-3L512 230Z" id="g117-92"></path></g></svg> sizeof(swapbuff))</td></tr><tr><td colspan="2"><svg height="11.5564pt" id="M86" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 15.3928 11.5564" width="15.3928pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M300 -147C201 -63 143 98 143 270S200 602 300 686L282 710C136 610 70 450 70 271V270C70 89 136 -72 282 -170L300 -147Z" id="g113-41"></path></g><g transform="matrix(.013,0,0,-0.013,4.498,0)"><path d="M412 140C382 77 369 73 315 73H129L270 222C362 320 402 379 402 466C402 571 322 635 234 635C177 635 130 609 99 576L42 495L64 475C90 514 133 568 201 568C274 568 318 519 318 435C318 349 255 267 193 193C144 135 87 78 32 23V0H405C417 45 427 89 440 131L412 140Z" id="g113-51"></path></g><g transform="matrix(.013,0,0,-0.013,10.738,0)"><path d="M275 270C275 450 212 609 64 710L45 686C145 604 203 442 203 270S147 -63 45 -147L64 -170C213 -68 275 89 275 270Z" id="g113-42"></path></g></svg><span style="margin-left:0.77777777777777779em"></span><svg height="11.5564pt" id="M87" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 6.80666 11.5564" width="6.80666pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M293 -169V-141C218 -131 209 -90 209 -44C209 19 222 85 222 152C222 207 198 255 139 269V273C199 286 222 334 222 388C222 454 209 523 209 588C209 632 218 671 293 681V709C234 709 148 695 148 577C147 513 155 438 155 372C155 337 152 291 64 285V256C152 250 155 204 155 169C156 105 148 31 148 -41C148 -157 234 -169 293 -169Z" id="g113-124"></path></g></svg> TIFFError(“reverseSamplesBytes”,“bytes_per_pixel too large”);</td></tr><tr><td colspan="2"><svg height="11.5564pt" id="M88" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 15.3928 11.5564" width="15.3928pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M300 -147C201 -63 143 98 143 270S200 602 300 686L282 710C136 610 70 450 70 271V270C70 89 136 -72 282 -170L300 -147Z" id="g113-41"></path></g><g transform="matrix(.013,0,0,-0.013,4.498,0)"><path d="M285 378C315 398 338 416 353 432C373 451 384 474 384 503C384 579 325 635 236 635H235C182 635 136 610 108 579L65 516L85 496C110 533 150 575 205 575C258 575 300 543 300 481C300 407 232 369 141 339L147 310C163 315 188 321 211 321C268 321 338 284 338 192C338 94 288 40 217 40C160 40 119 68 93 91C85 98 77 97 69 91C60 84 47 71 46 58C44 46 48 35 62 22C75 10 116 -12 162 -12C234 -12 424 62 424 224C424 297 373 359 285 376V378Z" id="g113-52"></path></g><g transform="matrix(.013,0,0,-0.013,10.738,0)"><path d="M275 270C275 450 212 609 64 710L45 686C145 604 203 442 203 270S147 -63 45 -147L64 -170C213 -68 275 89 275 270Z" id="g113-42"></path></g></svg><span style="margin-left:1.2222222222222223em"></span>return <span class="nowrap"><svg height="11.5564pt" id="M89" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 15.3928 11.5564" width="15.3928pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M300 -147C201 -63 143 98 143 270S200 602 300 686L282 710C136 610 70 450 70 271V270C70 89 136 -72 282 -170L300 -147Z" id="g113-41"></path></g><g transform="matrix(.013,0,0,-0.013,4.498,0)"><path d="M384 0V27C293 34 287 42 287 114V635C232 613 172 594 109 583V559L157 557C201 555 205 550 205 499V114C205 42 199 34 109 27V0H384Z" id="g113-50"></path></g><g transform="matrix(.013,0,0,-0.013,10.738,0)"><path d="M275 270C275 450 212 609 64 710L45 686C145 604 203 442 203 270S147 -63 45 -147L64 -170C213 -68 275 89 275 270Z" id="g113-42"></path></g></svg>;</span></td></tr><tr><td colspan="2"><svg height="11.5564pt" id="M90" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 15.3928 11.5564" width="15.3928pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M300 -147C201 -63 143 98 143 270S200 602 300 686L282 710C136 610 70 450 70 271V270C70 89 136 -72 282 -170L300 -147Z" id="g113-41"></path></g><g transform="matrix(.013,0,0,-0.013,4.498,0)"><path d="M456 178V225H360V632H320C217 496 115 347 20 206V178H280V106C280 40 276 34 189 27V0H445V27C364 34 360 39 360 106V178H456ZM280 225H82C149 335 214 431 278 520H280V225Z" id="g113-53"></path></g><g transform="matrix(.013,0,0,-0.013,10.738,0)"><path d="M275 270C275 450 212 609 64 710L45 686C145 604 203 442 203 270S147 -63 45 -147L64 -170C213 -68 275 89 275 270Z" id="g113-42"></path></g></svg><span style="margin-left:0.77777777777777779em"></span><svg height="11.5564pt" id="M91" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 6.80666 11.5564" width="6.80666pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,2.179,0)"><path d="M283 255V284C195 290 192 337 192 375C192 436 200 508 200 580C200 696 116 709 54 709V681C127 671 139 634 139 588C138 524 125 452 125 387C125 333 149 286 209 272V268C148 253 125 206 125 151C126 87 139 16 139 -47C139 -92 127 -131 54 -141V-169C115 -169 200 -152 200 -41C200 32 192 104 192 164C192 202 195 249 283 255Z" id="g113-126"></path></g></svg></td></tr></table></td></tr></table>

<div>Patch of CVE-2016-9537 in Algorithm <a href="../alg1/">1</a>.</div>

Mathematical Problems in Engineering

alg2

Algorithm 2

Algorithm 2: Assisting in Auditing of Buffer Overflow Vulnerabilities via Machine Learning 