Protecting Source Code Privacy When Hunting Memory Bugs

When proving to a third party that a software system is free from critical memory bugs, software vendors often face the problem of having to reveal their source code, so that the third party can scan the source code using static analysis tools. However, such transparency poses a significant threat to vendors, as the source code typically contains proprietary algorithms, core technical innovations, or trade secrets, exposing them to potential intellectual property risks. In this paper, we present a solution that offers a balance between transparency and code privacy, allowing software vendors to provide minimal source code information while justifying the sufficiency of bug detection. To this end, we propose DIReducer, which reduces source code information, a.k.a. debug information, from non-stripped binaries while preserving its utility for memory bug detection. DIReducer consists of two components: selective pruning and type minimization. The former eliminates redundant debug information, and the latter is proven to be NP-hard and minimizes type-related debug information by reducing it to the classic set-cover problem, which offers a near-optimal solution. Experimental results show that we can reduce 95% of debug information while maintaining similar bug detection capability compared to using full debug information or the source code.