An Exploitability Analysis Technique for Binary Vulnerability Based on Automatic Exception Suppression

<table class="algorithm-group"><tr><td><table class="algorithm" id="pro1"><tr><td colspan="2">(1)  char ⋆message = <svg height="9.22724pt" id="M13" style="vertical-align:-0.04981995pt" version="1.1" viewbox="-0.0498162 -9.17742 4.5101 9.22724" width="4.5101pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g><g transform="matrix(.013,0,0,-0.013,2.197,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g></svg>Hello World!<svg height="9.22724pt" id="M14" style="vertical-align:-0.04981995pt" version="1.1" viewbox="-0.0498162 -9.17742 4.5101 9.22724" width="4.5101pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g><g transform="matrix(.013,0,0,-0.013,2.197,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g></svg>;</td></tr><tr><td colspan="2">(2) void vulnerable_function()<svg height="11.5564pt" id="M15" style="vertical-align:-2.26807pt" version="1.1" viewbox="-0.0498162 -9.28833 4.62754 11.5564" width="4.62754pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M293 -169V-141C218 -131 209 -90 209 -44C209 19 222 85 222 152C222 207 198 255 139 269V273C199 286 222 334 222 388C222 454 209 523 209 588C209 632 218 671 293 681V709C234 709 148 695 148 577C147 513 155 438 155 372C155 337 152 291 64 285V256C152 250 155 204 155 169C156 105 148 31 148 -41C148 -157 234 -169 293 -169Z" id="g113-124"></path></g></svg></td></tr><tr><td colspan="2">(3)    char ⋆tmp;</td></tr><tr><td colspan="2">(4)    tmp = message;</td></tr><tr><td colspan="2">(5)    char buff[128];</td></tr><tr><td colspan="2">(6)    read(0,buf,256);</td></tr><tr><td colspan="2">(7)    printf(<svg height="9.22724pt" id="M16" style="vertical-align:-0.04981995pt" version="1.1" viewbox="-0.0498162 -9.17742 4.5101 9.22724" width="4.5101pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g><g transform="matrix(.013,0,0,-0.013,2.197,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g></svg>%s<svg height="9.22724pt" id="M17" style="vertical-align:-0.04981995pt" version="1.1" viewbox="-0.0498162 -9.17742 4.5101 9.22724" width="4.5101pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g><g transform="matrix(.013,0,0,-0.013,2.197,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g></svg>,tmp); //The location read exception occur</td></tr><tr><td colspan="2">(8)    printf(<svg height="9.22724pt" id="M18" style="vertical-align:-0.04981995pt" version="1.1" viewbox="-0.0498162 -9.17742 4.5101 9.22724" width="4.5101pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g><g transform="matrix(.013,0,0,-0.013,2.197,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g></svg>You have passed successfully!<svg height="9.22724pt" id="M19" style="vertical-align:-0.04981995pt" version="1.1" viewbox="-0.0498162 -9.17742 4.5101 9.22724" width="4.5101pt" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><g transform="matrix(.013,0,0,-0.013,0,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g><g transform="matrix(.013,0,0,-0.013,2.197,0)"><path d="M119 710L42 683C46 669 61 568 71 474L99 486C107 548 122 682 125 705L119 710Z" id="g190-170"></path></g></svg>);</td></tr><tr><td colspan="2">(9) }</td></tr></table></td></tr></table>

<div>A simple program containing read exception vulnerability.</div>

Security and Communication Networks

pro1

Program 1

Program 1: An Exploitability Analysis Technique for Binary Vulnerability Based on Automatic Exception Suppression 