Automatic Detection of Stack Overflow Attack in Canary

The existing buffer overflow vulnerability detection technology checks the control flow state of the program to determine the trigger point of the program and generate test cases. However, due to the limitation of the canary protection mechanism, it is difficult for the existing detection technology to determine whether the program satisfies the stack overflow attack condition in canary. In order to improve the security of the program and realize the detection of stack overflow attacks, this paper analyzes the existing stack overflow attack instances, summarizes the features of stack overflow attack, and builds an automatic stack overflow detection method in canary. The method uses taint analysis to monitor the input data of the program and the sensitive operation; uses the selective symbol execution technology to construct the path constraint and the data constraint of the stack overflow attack; generates a test case by solving the above constraints. Experiments show that this method can effectively achieve the detection of stack overflow attacks.