Presenting a new approach to detect memory leak type vulnerability in C/C++ programming languages - دانشکده فنی و مهندسی
Presenting a new approach to detect memory leak type vulnerability in C/C++ programming languages
نوع: Type: پایان نامه
مقطع: Segment: کارشناسی ارشد
عنوان: Title: Presenting a new approach to detect memory leak type vulnerability in C/C++ programming languages
ارائه دهنده: Provider: Esmaeil Zivari morad
اساتید راهنما: Supervisors: Dr.mahdi sakhaei nia
اساتید مشاور: Advisory Professors: Dr.mohammad nasiri
اساتید ممتحن یا داور: Examining professors or referees: Dr.moharram mansoori zade-Dr.morteza yousef sanati
زمان و تاریخ ارائه: Time and date of presentation: 2023/21/02
مکان ارائه: Place of presentation: Faculty of Engineering Amphitheater Hall
چکیده: Abstract: Memory leak is one of the main problems that occur due to aging software. Despite recent countermeasures in C/C++ programming languages such as smart pointers, memory leak defects are still a problem in code. Today, one of the challenges in the field of software security is the existence of memory leaks during code execution. Platforms with automatic memory management, such as the JVM, are generally considered free of memory leaks. However, memory leaks can occur in such environments because the garbage collector cannot free objects that are no longer used by the program but are still referenced. Such unused objects can eventually fill up the stack and crash the program. Although this problem has been extensively studied, there is still much room for improvement in this field. We present an approach to automatically detect memory leaks in C/C++ programs based on specifying memory allocation locations through the age feature and the lifetime of memory chunks allocated by these locations. We trace the memory allocation and free calls in the program code and for each allocation location we collect data about the number of allocated memory chunks, their lifetime and size. Based on these data, we compute feature vectors and train a machine learning classifier to distinguish between leaky and non-leaky allocation sites. Our evaluation uses programs from the SPEC CPU2006 suite with injected memory leaks similar to real leaks. The results show that our classification algorithm can achieve high accuracy with precision and recall values of 90.1% and 90.5%, respectively
فایل: ّFile: Download فایل