Integer Overflow to Buffer Overflow (IO2BO) vulnerability represents a common bug pattern in system software and is able to be detected by various program analysis methods. Mainstream static approaches apply taint analysis to find source-sink pairs and then submit those suspicious bug locations to dynamic instrumentation or static encoding.

However, works utilizing both methods either fail to handle sanitization code well nor lack the ability to generalize across codebases. In this work, we present IntTracer, which is enhanced with interval domain to model the effect of sanitization in the trace of IO2BO bug, and is able to find recurring vulnerabilities from different development scenarios. IntTracer can successfully prevent generating false positives under 5 scenarios.