Patent attributes
A method may include operating a program using an input that causes buffer overflow and determining minimum input length that causes buffer overflow and maximum input length that does not cause buffer overflow. The method may include operating program using first input that includes the maximum input length and second input that includes the minimum input length. The method may include collecting call/return pairs for each function of the program using the first and second input and determining, based on a difference between call/return pairs, a function that causes buffer overflow. The method may include determining whether a number of calls exceeds a threshold. In response to the number of calls exceeding the threshold, the method may include inserting a patch configured to prevent buffer overflow in a calling function.