MemSpate: Memory Usage Protocol Guided Fuzzing


Research area: Strategies



Conference: International Conference on Formal Engineering Methods


Abstract

Memory safety vulnerabilities are high-risk and common vulnerabilities in software testing, often leading to a series of system errors. Fuzz testing is widely recognized as one of the most effective methods for detecting vulnerabilities, including memory safety ones. However, current fuzzing solutions typically only partially address memory usage, limiting their ability to detect memory safety vulnerabilities. In this paper, we introduce MemSpate, a dedicated fuzzer designed to detect memory safety vulnerabilities. Utilizing a more comprehensive memory usage protocol, MemSpate identifies the memory operation sequences that may violate the protocol and estimates the overall memory consumption to exceed an acceptable limit. It then monitors the coverage of these operation sequences and tracks the maximum memory consumption, both of which are used as a new feedback mechanism to guide the fuzzing process. We evaluated MemSpate on 12 real-world open-source programs and compared its performance with 5 state-of-the-art fuzzers. The results demonstrate that MemSpate surpasses all other fuzzers in terms of discovering memory safety vulnerabilities. Furthermore, our experiments have led to the discovery of 4 previously unknown vulnerabilities.


Author Profile
Jiacheng Jiang

College of Computer Science and Software Engineering Shenzhen University Shenzhen China

Andorra
Author Profile
Zhiyuan Fu

College of Computer Science and Software Engineering Shenzhen University Shenzhen China

Andorra
Author Profile
Cheng Wen

Guangzhou Institute of Technology Xidian University Xi’An China

China

📄 Paper information

Publication year 2024
Citations 0
Publication country Andorra, China
Site Springer
