English subtitles

← Buffer Overflows - Software Debugging

Get Embed Code
4 Languages

Showing Revision 3 created 05/25/2016 by Udacity Robot.

  1. Needless to say, this behavior of C and C++ programs opens the door
  2. for many many ways of abusing the system.
  3. You may have heard buffer overflows, which exploit precisely this flaw in C and C++
  4. where people not only read but write beyond the elements of an array
  5. in order to supplant malicious code and select locations of the memory.
  6. This opens the door for all sorts of interesting hacks, of course.
  7. How can one detect such errors?
  8. What we need is a system invariant that continuously
  9. checks the boundaries of an array against reads and writes.
  10. What a tool can do for instance is constantly monitor the uninitialized areas
  11. for reads and writes with every single instructions that is,
  12. and whenever the program tries to access some system memory that is not allocated,
  13. what will happen is that the invariant checker raises an exception or otherwise aborts the program
  14. and therefore allows us to detect this kind of error.
  15. Tools for C and C++ help you do that, include tools like electric fence,
  16. which is precisely that, places these blocks in front and before every allocated block
  17. and therefore detects when reads and writes happened outside of these allocated areas.
  18. And the second important tool here is Valgrind, which actually is an interpreter for x86 binaries
  19. in which also allows us to monitor accesses to non-initialized code for C and C++ programs.