期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种面向大规模C程序的内存错误调试方法

A Method on Debugging Memory Errors for Large-scale C Program
下载PDF
导出
摘要 为了实现极致的性能,C语言将操纵内存的权限以指针的方式暴露给开发人员。但是C语言编译器GCC和Clang都不提供内存安全检测,导致开发人员使用C语言编写的项目可能含有潜在的内存安全性漏洞。可以先使用检测工具定位错误,然后执行GDB来验证。文章介绍了GDB调试C程序时所采用的方法和技巧,并使用GDB验证了内存检测工具AddressSanitizer和Movec在大规模测试集SPEC上检测的有效性。 In order to achieve the ultimate performance,C language exposes the authority to manipulate memory to developers in the form of pointers.However,neither the C language compilers GCC nor Clang provides memory safety detection,which leads to potential memory safety vulnerabilities in projects written in C language by developers.You can use the detection tool to locate the error first,and then execute GDB to verify.This paper introduces methods and techniques being used when GDB debug C program,and uses GDB to verify the effectiveness of the memory detection tools AddressSanitizer and Movec on the large-scale test set SPEC.
作者 仵俊 WU Jun(College of Computer Science and Technology,Nanjing University of Aeronautics and Astronautics,Nanjing 211106,China)
机构地区 南京航空航天大学计算机科学与技术学院
出处 《现代信息科技》 2021年第21期152-154,共3页 Modern Information Technology
基金 国家自然科学基金:内存安全性和形式化规约的运行时验证(62172217)。
关键词 调试 GDB 内存安全 大规模C程序 debugging GDB memory safety large-scale C program
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献5

二级参考文献27

  • 1Austin T M,Breach S E,Sohi G S.Efficient detection of all pointer and array access errors[C]//Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation(PLDI),1994. 被引量:1
  • 2The MITRE Corporation.2011 CWE/SANS top 25 most dangerous software errors[EB/OL].Sep.2011.http://cwe.mitre.org/top25/. 被引量:1
  • 3Veen V,Sharma N,Cavallaro L,et al.Memory errors:the past,the present,and the future[C]//Proceedings of the 15th International Symposium on Research in Attacks,Intrusions and Defenses(RAID),2012. 被引量:1
  • 4Szekeres L,Payer M,Wei T.So K:eternal war in memory[C]//the34th IEEE Symposium on Security and Privacy(Oakland),2013. 被引量:1
  • 5Nagarakatte S,Zhao J,Martin M M,et al.Soft Bound:highly compatible and complete spatial memory safety for C[C]//Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation(PLDI),2009. 被引量:1
  • 6Newsome J,Song D.Dynamic Taint analysis for automatic detection,analysis,and signature generation of exploits on commodity software[C]//The 12th Annual Network and Distributed System Security Symposium(NDSS),2005. 被引量:1
  • 7Foster J,Fahndrich M,Aiken A.A theory of type qualifiers[C]//Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation(PLDI),1999. 被引量:1
  • 8Shankar U,Talwar K,Foster J,et al.Detecting format-string vulnerabilities with type qualifiers[C]//Proceedings of the 10th USENIX Security Symposium,2001. 被引量:1
  • 9Zhang X,Edwards A,Jaeger T.Using CQual for static analysis of authorization hook placement[C]//Proceedings of the 11th USENIX Security Symposium,2002. 被引量:1
  • 10Haller I,Slowinska A,Neugschwandtner M,et al.Dowser:a guided fuzzer to find buffer overflow vulnerabilities[C]//The 6th European Workshop on Systems Security,2013. 被引量:1

共引文献5

现代信息科技
2021年 第21期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部