A Method of Firmware Vulnerability Mining and Verification Based on Code Property Graph

Na Xiao, Jing Zeng, Qigui Yao, Xiuli Huang

Advances in Artificial Intelligence and Security, Communications in Computer and Information Science (2022)

Abstract
With the rapid development of the smart power grid, the security of intelligent terminals has attracted wide concern. Firmware is the core component of intelligent terminal equipment, and its vulnerabilities have become one of the main threats to intelligent terminal security. However, the difficulty of obtaining firmware, extracting binary files and analyzing code complicates firmware vulnerability mining, resulting in low accuracy and a high false positive rate. Therefore, this paper proposes a firmware vulnerability mining method based on the code property graph. First, the code property graph of the target program is generated; second, the abstract syntax tree, control flow graph and data dependency graph are extracted from the code property graph; then, traversal analysis of these three graphs gradually narrows the scope of the vulnerability; finally, combined with manual analysis and review, the vulnerability mining results are obtained. In this paper, the Joern tool is used for verification on the DVRF project, mining stack overflow, heap overflow, command injection and heap release vulnerabilities, and good experimental results are obtained.
Keywords
firmware vulnerability mining, code property graph