
    Detection of JNI Memory Leaks Based on an Intermediate Language

    Detection of JNI Memory Leaks Based on Extended Bytecode

    • Abstract (translated from the Chinese): JNI allows Java and native C/C++ code to call each other and is widely used in systems built from mixed languages, such as Android, but the differences in security properties between the languages make it a weak point, and existing analysis methods have difficulty handling the security defects that arise from cross-language calls. Taking memory leaks, which are easy to introduce in JNI calls, as the example, this paper studies Java/C++ JNI cross-language analysis. Extended Java Bytecode (Bytecode*) instructions are used to interpret C++ semantics, removing the barrier to cross-language analysis. Around the problem of memory leaks in JNI calls, three pieces of work are done: 1) a block memory model compatible with both Java and C++ is defined; 2) a translation strategy from C++ to Bytecode* is designed and implemented on top of LLVM/LLJVM; 3) a method call graph is built, method summaries are extracted, and interprocedural analysis is used to detect memory leaks in JNI calls. Translation and detection on JNI instances with typical memory-leak characteristics show that this work accurately detects memory leaks in mixed Java/C++ code and is of significant value for understanding JNI mixed-language programming and for vulnerability analysis.

       

      Abstract: The Java native interface (JNI) enables Java code running in a Java virtual machine (JVM) to be called by native code, but the difference in security features between the languages makes it a security weakness, which cannot be detected by existing analysis methods. Commonly used detection methods are mainly based on the analysis of an intermediate language, which is invalid in the JNI case owing to the lack of an intermediate representation that bridges Java and C++. This paper analyzes JNI from a Java/C++ cross-language perspective and focuses on memory leaks, which frequently occur in JNI calls. In order to overcome the language barrier, this paper proposes extended Bytecode (Bytecode*) instructions as an interpretation of C++ semantics. Our contributions are as follows: 1) define a block memory model that is compatible with both Java and C++; 2) design translation rules from C++ to extended Java Bytecode based on LLVM/LLJVM; 3) construct a method call graph, extract method summaries, and detect memory leaks in JNI calls by interprocedural analysis. Experiments on typical JNI code with memory-leak features show that our analysis detects memory leaks in Java/C++ accurately and is of significant value for cross-language programming and vulnerability analysis.
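The third contribution above (call graph, method summaries, interprocedural leak detection) is the part a reader can most easily exercise on their own. The following is an added toy example, not the paper's Bytecode* translation nor any LLVM/LLJVM tooling: it runs a summary-based interprocedural analysis over a small hand-made IR in which native allocations and releases are explicit instructions. Method bodies are analysed callees-first; each callee yields a summary (which parameters it releases, whether it returns a freshly owned allocation) that callers consume instead of re-analysing the callee. An allocation owned by a method that is neither released nor returned to the caller (for a JNI entry point, handed back to Java as a handle) is reported as a leak. The method names, the IR opcodes and the sample program are all constructed for this illustration.

```python
"""Toy summary-based interprocedural leak detector over a tiny JNI-style IR.

Mini IR (constructed for this example, not the paper's Bytecode*):
  ("alloc", var)                 native allocation (new/malloc) stored in var
  ("free", var)                  release of the allocation held in var
  ("call", callee, args, dst)    call another method; result (or None) in dst
  ("ret", var_or_None)           return var to the caller: ownership escapes
"""
from dataclasses import dataclass


@dataclass
class Method:
    name: str
    params: list
    body: list


@dataclass
class Summary:
    frees_params: set      # parameter indices the method releases (transitively)
    returns_alloc: bool    # the method returns an allocation it owns
    leaks: list            # allocation sites leaked inside the method


def call_order(methods):
    """Return method names callees-first; recursion is out of scope for the toy."""
    graph = {m.name: [i[1] for i in m.body if i[0] == "call"] for m in methods.values()}
    order, state = [], {}          # state: 1 = on stack, 2 = finished

    def visit(n):
        if state.get(n) == 1:
            raise ValueError(f"recursive call involving {n} is not supported")
        if state.get(n) == 2:
            return
        state[n] = 1
        for callee in graph[n]:
            visit(callee)
        state[n] = 2
        order.append(n)

    for n in graph:
        visit(n)
    return order


def analyze_method(m, summaries):
    """Abstractly execute one method, using callee summaries at call sites."""
    env = {p: ("param", i) for i, p in enumerate(m.params)}   # var -> abstract object
    owned, freed, escaped = {}, set(), set()                  # objects allocated here
    for pc, ins in enumerate(m.body):
        op = ins[0]
        if op == "alloc":
            obj = ("alloc", pc)
            owned[obj] = f"{m.name}@{pc}"
            env[ins[1]] = obj
        elif op == "free":
            freed.add(env[ins[1]])
        elif op == "call":
            _, callee, args, dst = ins
            s = summaries[callee]
            for idx in s.frees_params:          # callee releases these arguments
                freed.add(env[args[idx]])
            if dst is not None:
                if s.returns_alloc:             # ownership transferred to us
                    obj = ("alloc", pc)
                    owned[obj] = f"{m.name}@{pc} (via {callee})"
                    env[dst] = obj
                else:
                    env[dst] = ("unknown", pc)
        elif op == "ret" and ins[1] is not None:
            escaped.add(env[ins[1]])            # handed to the caller (or to Java)
    leaks = [site for obj, site in owned.items() if obj not in freed and obj not in escaped]
    frees_params = {obj[1] for obj in freed if obj[0] == "param"}
    returns_alloc = any(obj in owned for obj in escaped)
    return Summary(frees_params, returns_alloc, leaks)


def detect_leaks(methods):
    """Map each leaking method name to its leaked allocation sites."""
    summaries = {}
    for name in call_order(methods):
        summaries[name] = analyze_method(methods[name], summaries)
    return {n: s.leaks for n, s in summaries.items() if s.leaks}


# Constructed sample: three JNI-style entry points plus two native helpers.
PROGRAM = {m.name: m for m in [
    Method("make_buffer", [], [("alloc", "t"), ("ret", "t")]),
    Method("release", ["p"], [("free", "p"), ("ret", None)]),
    # allocates through a helper, keeps the pointer in a local, returns nothing: leak
    Method("Java_Demo_nativeInit", [], [("call", "make_buffer", [], "buf"), ("ret", None)]),
    # allocates and releases through a helper: no leak
    Method("Java_Demo_nativeProcess", [], [("alloc", "buf"), ("call", "release", ["buf"], None), ("ret", None)]),
    # returns the allocation as a handle to Java: ownership escapes, no leak here
    Method("Java_Demo_nativeCreate", [], [("call", "make_buffer", [], "h"), ("ret", "h")]),
]}

if __name__ == "__main__":
    print(detect_leaks(PROGRAM))
```

Only `Java_Demo_nativeInit` is reported: the helper's summary says it returns an owned allocation, so the caller inherits the obligation to release or return it, and does neither. Releasing through `release` is recognised in `Java_Demo_nativeProcess` only because the callee's summary records that it frees its first parameter, which is the point of summary-based interprocedural analysis over per-method checking.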

       
