- Joined
- Jan 8, 2019
- Messages
- 56,612
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,454
- Points
- 2,313
- Credits
- 32,640
6 Years of Service
76%
This tool uses the taint analysis technique for static analysis and aims to identify points of heap memory usage vulnerabilities in C and C++ languages. The tool uses a common approach in the first phase of static analysis, using tokenization to collect information.
The second phase has a different approach to common lessons of the legendary dragon book, yes the tool doesn’t use AST or resources like LLVM following parsers’ and standard tips. The approach present aims to study other ways to detect vulnerabilities, using custom vector structures and typical recursive traversal with ranking following taint point. So the result of the sum of these techniques is the Heap_detective.
Features
- C and C++ tokenizer
- List of heap static routes for each source with taint points for analysis
- Analyser to detect double free vulnerability
- Analyser to detect use after free vulnerability