TY - GEN
T1 - Finding bugs in exceptional situations of JNI programs
AU - Li, Siliang
AU - Tan, Gang
PY - 2009
Y1 - 2009
N2 - Software flaws in native methods may defeat Java's guarantees of safety and security. One common kind of flaw in native methods results from the discrepancy in how exceptions are handled in Java and in native methods. Unlike exceptions in Java, exceptions raised in the native code through the Java Native Interface (JNI) are not controlled by the Java Virtual Machine (JVM). Only after the native code finishes execution will the JVM's mechanism for exceptions take over. This discrepancy makes handling of JNI exceptions an error-prone process and can cause serious security flaws in software written using the JNI. We propose a novel static analysis framework to examine exceptions and report errors in JNI programs. We have built a complete tool consisting of exception analysis, static taint analysis, and warning recovery. Experimental results demonstrated this tool allows finding of mishandling of exceptions with high accuracy (15.4% false-positive rate on over 260k lines of code). Our framework can be easily applied to analyzing software written in other foreign function interfaces, including the Python/C interface and the OCaml/C interface.
AB - Software flaws in native methods may defeat Java's guarantees of safety and security. One common kind of flaw in native methods results from the discrepancy in how exceptions are handled in Java and in native methods. Unlike exceptions in Java, exceptions raised in the native code through the Java Native Interface (JNI) are not controlled by the Java Virtual Machine (JVM). Only after the native code finishes execution will the JVM's mechanism for exceptions take over. This discrepancy makes handling of JNI exceptions an error-prone process and can cause serious security flaws in software written using the JNI. We propose a novel static analysis framework to examine exceptions and report errors in JNI programs. We have built a complete tool consisting of exception analysis, static taint analysis, and warning recovery. Experimental results demonstrated this tool allows finding of mishandling of exceptions with high accuracy (15.4% false-positive rate on over 260k lines of code). Our framework can be easily applied to analyzing software written in other foreign function interfaces, including the Python/C interface and the OCaml/C interface.
UR - http://www.scopus.com/inward/record.url?scp=74049147430&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=74049147430&partnerID=8YFLogxK
U2 - 10.1145/1653662.1653716
DO - 10.1145/1653662.1653716
M3 - Conference contribution
AN - SCOPUS:74049147430
SN - 9781605583525
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 442
EP - 452
BT - CCS'09 - Proceedings of the 16th ACM Conference on Computer and Communications Security
T2 - 16th ACM Conference on Computer and Communications Security, CCS'09
Y2 - 9 November 2009 through 13 November 2009
ER -