Most of the more complex pieces of software created today are filled with security vulnerabilities introduced by inattention on the programmers' part, which makes it important to spend some of the development time on finding and fixing these kinds of vulnerabilities. Unfortunately, the code is often too large and there aren't enough resources available to make this feasible. It can also happen that we'd like to fix some vulnerability in a piece of software whose source code is not available to us, only the compiled binary, e.g. when wanting to use a closed-source program that has a known but as yet unpatched vulnerability. This thesis details the workings of a tool designed to find and patch some of the more common and simple vulnerabilities in a program's compiled binary.
In the first part, we show some of the existing methods and tools used for automatically finding and fixing security flaws, such as those employed by the competitors in the DARPA Cyber Grand Challenge. Following this, we list some of the most common security bugs that can appear in C/C++ code and the potential attacks that a malicious individual could use them for. In the next section, we talk about the algorithms and tools that our patching program employs in order to identify and patch some of the simpler vulnerabilities. We also mention some of the weaknesses of the employed algorithms and list some ideas for improving them.
In the last section, we discuss the limitations and boundaries of our patching program, what it can and cannot do, list some of the possibilities for improving the rate of detection for the supported vulnerability types, and give some ideas for detecting other, more complex types of security vulnerabilities.