Abstract
The use of Inherently Dangerous Function could cause vulnerabilities in a program which makes it disadvantageous. If the source code exits, this problem can easily be solved by simply removing the use of dangerous functions based on the list of prohibited functions. However, if only the binary code exits, it is difficult to analyze the list of functions used in the code. Furthermore, it is challenging to understand the information of functions used in analysis, such as reverse engineering, because a lot of the information in library functions that are linked dynamically in a typical binary file has been removed. In this paper, we propose a method to find indirectly called function information by using the information when calling a function in binary code based on indirect calling method used in the windows environment.
Original language | English |
---|---|
Pages (from-to) | 79-88 |
Number of pages | 10 |
Journal | International Journal of Grid and Distributed Computing |
Volume | 11 |
Issue number | 3 |
DOIs | |
State | Published - 2018 |
Keywords
- Code analysis
- Indirect call
- Secure software
- Vulnerable function