With the widespread use of COM component technology, COM components have exposed more and more buffer overflow vulnerabilities. To further improve the security of COM components, this paper designs and implements CSDS (component stack-overflow detecting system), a system for detecting stack buffer overflow vulnerabilities in COM components, and implements a stack overflow detection algorithm within it. CSDS consists of four modules: interface analysis, function positioning, stack-overflow static analysis, and result output. The interface analysis module analyzes the COM component under test to obtain detailed information about its objects, interfaces, and functions. The function positioning module obtains the linear address of each user-written function within the component's corresponding assembly code. The stack-overflow static analysis module uses the proposed stack overflow detection algorithm to generate the COM component's assembly code and analyze it for stack overflow vulnerabilities. The result output module presents the detection results in XML form. The implemented prototype system CSDS is effective at detecting stack buffer overflow vulnerabilities in COM components.