Is it possible to create a binary analysis software which would sort out all possible vulnerabilities and bugs in other software?

If I understand you correctly, there is such a thing. Search for static analysis, control flow graph and such things. So generally, your idea is good.

However, writing a program that will find all the bugs in some program is impossible. The proof is by reduction from the Halting problem. So obviously, it is impossible to use your approach to find them all.

However, it might be possible to find all the bugs of some family. For example: I can define the "bug family" of crashing within one minute when only one ASCII char is given as input. Of course you can check this (at least for deterministic programs; for probabilistic programs, a simple check will give a probability that there is no bug).

So for specific bugs your approach might work.

And one last thing: notice that this approach might have high time complexity.
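The "crash within one minute on a single ASCII character" family from the answer above can be checked exhaustively, because there are only 128 inputs. The following is an added example, not part of the original answer. It assumes a POSIX system (a crash is detected as death by signal), and the target program, `run_one` and `check_family` are constructed for illustration.

```python
import subprocess
import sys
from concurrent.futures import ThreadPoolExecutor

# Constructed target (assumption, not from the page): aborts on "A",
# hangs on "Z", exits cleanly on every other input.
TARGET_SRC = (
    "import os, sys\n"
    "c = sys.stdin.buffer.read(1)\n"
    "if c == b'A': os.abort()\n"
    "while c == b'Z': pass\n"
)
TARGET_CMD = [sys.executable, "-c", TARGET_SRC]


def run_one(cmd, byte, limit):
    """Feed one byte on stdin; classify as 'crash', 'timeout' or 'ok'."""
    try:
        proc = subprocess.run(cmd, input=bytes([byte]), timeout=limit,
                              stdout=subprocess.DEVNULL,
                              stderr=subprocess.DEVNULL)
    except subprocess.TimeoutExpired:
        # Still running at the limit: it did not crash within the window,
        # so by the family's definition this input is not a hit.
        return "timeout"
    # On POSIX a negative return code means the process died from a signal.
    return "crash" if proc.returncode < 0 else "ok"


def check_family(cmd, limit=60.0, workers=8):
    """Try all 128 single-ASCII inputs; return {verdict: [chars]}."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        verdicts = list(pool.map(lambda b: run_one(cmd, b, limit), range(128)))
    report = {"crash": [], "timeout": [], "ok": []}
    for byte, verdict in enumerate(verdicts):
        report[verdict].append(chr(byte))
    return report


if __name__ == "__main__":
    result = check_family(TARGET_CMD, limit=3.0)
    print("crashing inputs:", result["crash"])
    print("no crash within limit:", result["timeout"])
```

The result is complete only for a deterministic target. For a probabilistic one, each input has to be repeated, and a clean run only lowers the probability that a bug of this family exists.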

