|
AddressSanitizer
AddressSanitizer (or ASan) is an open source programming tool that detects memory corruption bugs such as buffer overflows or accesses to a dangling pointer (use-after-free). AddressSanitizer is based on compiler instrumentation and directly mapped shadow memory. AddressSanitizer is currently implemented in Clang (starting from version 3.1), GCC (starting from version 4.8), Xcode (starting from version 7.0) and MSVC (widely available starting from version 16.9). On average, the instrumentation increases processing time by about 73% and memory usage by 240%. Users Chromium and Firefox developers are active users of AddressSanitizer; the tool has found hundreds of bugs in these web browsers. A number of bugs were found in FFmpeg and FreeType. The Linux kernel has enabled the AddressSanitizer for the x86-64 architecture as of Linux version 4.0. KernelAddressSanitizer The KernelAddressSanitizer (KASAN) detects dynamic memory errors in the Linux kernel. Kernel instrumentation re ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Intel MPX
Intel MPX (Memory Protection Extensions) was a set of extensions to the x86 instruction set architecture. With compiler, runtime library and operating system support, Intel MPX claimed to enhance security to software by checking pointer references whose normal compile-time intentions are maliciously exploited at runtime due to buffer overflows. In practice, there have been too many flaws discovered in the design for it to be useful, and support has been deprecated or removed from most compilers and operating systems. Intel has listed MPX as removed in 2019 and onward hardware in section 2.5 of its IntelĀ® 64 and IA-32 Architectures Software Developer's Manual Volume 1. Extensions Intel MPX introduces new bounds registers, and new instruction set extensions that operate on these registers. Additionally, there is a new set of "bound tables" that store bounds beyond what can fit in the bounds registers. MPX uses four new 128-bit bounds registers, BND0 to BND3, each storing a pair of ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Shadow Memory
In computing, shadow memory is a technique used to track and store information on computer memory used by a program during its execution. Shadow memory consists of shadow bytes that map to individual bits or one or more bytes in main memory. These shadow bytes are typically invisible to the original program and are used to record information about the original piece of data. Technique The technique is utilized by memory-error checkers that can store information on which parts of memory have been allocated to the program being checked. This shadow memory is then used for detecting and reporting incorrect accesses of memory, even though the program may not be crashing due to a segmentation fault or similar. An error checker may also store additional information on memory such as which bits have been defined and which ones do not. Memcheck, part of the Valgrind suite, uses this to detect undefined behavior resulting from acting on or printing undefined memory values. Use of shadow m ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Memory Corruption
Memory corruption occurs in a computer program when the contents of a memory location are modified due to programmatic behavior that exceeds the intention of the original programmer or program/language constructs; this is termed as violation of memory safety. The most likely causes of memory corruption are programming errors (software bugs). When the corrupted memory contents are used later in that program, it leads either to program crash or to strange and bizarre program behavior. Nearly 10% of application crashes on Windows systems are due to heap corruption.{{Cite web, last=Radich, first=Q., last2=Sherer, first2=T., last3=Sharkey, first3=K., last4=Batchelor, first4=D., last5=Kennedy, first5=J. T., last6=Mabee, first6=D., last7=Coulter, first7=D., last8=Michael, first8=S., date=28 April 2021, title=Application Verifier (Windows 7 and Windows Server 2008 R2 Application Quality Cookbook) - Win32 apps, publisher=Microsoft Developer Network, url=https://docs.microsoft.com/en-us/w ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Dangling Pointer
Dangling pointers and wild pointers in computer programming are pointers that do not point to a valid object of the appropriate type. These are special cases of memory safety violations. More generally, dangling references and wild references are references that do not resolve to a valid destination. Dangling pointers arise during object destruction, when an object that has an incoming reference is deleted or deallocated, without modifying the value of the pointer, so that the pointer still points to the memory location of the deallocated memory. The system may reallocate the previously freed memory, and if the program then dereferences the (now) dangling pointer, '' unpredictable behavior may result'', as the memory may now contain completely different data. If the program writes to memory referenced by a dangling pointer, a silent corruption of unrelated data may result, leading to subtle bugs that can be extremely difficult to find. If the memory has been reallocated to anoth ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
FFmpeg
FFmpeg is a free and open-source software project consisting of a suite of libraries and programs for handling video, audio, and other multimedia files and streams. At its core is the command-line ffmpeg tool itself, designed for processing of video and audio files. It is widely used for format transcoding, basic editing (trimming and concatenation), video scaling, video post-production effects and standards compliance (SMPTE, ITU). FFmpeg also includes other tools: ffplay, a simple media player and ffprobe, a command-line tool to display media information. Among included libraries are libavcodec, an audio/video codec library used by many commercial and free software products, libavformat (Lavf), an audio/video container mux and demux library, and libavfilter, a library for enhancing and editing filters through a Gstreamer-like filtergraph. FFmpeg is part of the workflow of many other software projects, and its libraries are a core part of software media players such as VLC, an ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Security Procedures
A computer is a machine that can be programmed to carry out sequences of arithmetic or logical operations ( computation) automatically. Modern digital electronic computers can perform generic sets of operations known as programs. These programs enable computers to perform a wide range of tasks. A computer system is a nominally complete computer that includes the hardware, operating system (main software), and peripheral equipment needed and used for full operation. This term may also refer to a group of computers that are linked and function together, such as a computer network or computer cluster. A broad range of industrial and consumer products use computers as control systems. Simple special-purpose devices like microwave ovens and remote controls are included, as are factory devices like industrial robots and computer-aided design, as well as general-purpose devices like personal computers and mobile devices like smartphones. Computers power the Internet, which l ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security Testing Tools
Security is protection from, or resilience against, potential harm (or other unwanted coercive change) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons and social groups, objects and institutions, ecosystems or any other entity or phenomenon vulnerable to unwanted change. Security mostly refers to protection from hostile forces, but it has a wide range of other senses: for example, as the absence of harm (e.g. freedom from want); as the presence of an essential good (e.g. food security); as resilience against potential damage or harm (e.g. secure foundations); as secrecy (e.g. a secure telephone line); as containment (e.g. a secure room or cell); and as a state of mind (e.g. emotional security). The term is also used to refer to acts and systems whose purpose may be to provide security (security companies, security forces, security guard, cyber security systems, security cameras, remote guardin ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Microsoft Windows SDK
Microsoft Windows SDK, and its predecessors Platform SDK, and .NET Framework SDK, are software development kits (SDKs) from Microsoft that contain documentation, header files, libraries, samples and tools required to develop applications for Microsoft Windows and .NET Framework. ''Platform SDK'' specializes in developing applications for Windows 2000, XP and Windows Server 2003. ''.NET Framework SDK'' is dedicated to developing applications for .NET Framework 1.1 and .NET Framework 2.0. ''Windows SDK'' is the successor of the two and supports developing applications for Windows XP and later, as well as .NET Framework 3.0 and later. Features ''Platform SDK'' is the successor of the original Microsoft Windows SDK for Windows 3.1x and Microsoft Win32 SDK for Windows 9x. It was released in 1999 and is the oldest SDK. Platform SDK contains compilers, tools, documentations, header files, libraries and samples needed for software development on IA-32, x64 and IA-64 CPU architectures ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
X86-64
x86-64 (also known as x64, x86_64, AMD64, and Intel 64) is a 64-bit version of the x86 instruction set, first released in 1999. It introduced two new modes of operation, 64-bit mode and compatibility mode, along with a new 4-level paging mode. With 64-bit mode and the new paging mode, it supports vastly larger amounts of virtual memory and physical memory than was possible on its 32-bit predecessors, allowing programs to store larger amounts of data in memory. x86-64 also expands general-purpose registers to 64-bit, and expands the number of them from 8 (some of which had limited or fixed functionality, e.g. for stack management) to 16 (fully general), and provides numerous other enhancements. Floating-point arithmetic is supported via mandatory SSE2-like instructions, and x87/ MMX style registers are generally not used (but still available even in 64-bit mode); instead, a set of 16 vector registers, 128 bits each, is used. (Each register can store one or two double-preci ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Linux Kernel
The Linux kernel is a free and open-source, monolithic, modular, multitasking, Unix-like operating system kernel. It was originally authored in 1991 by Linus Torvalds for his i386-based PC, and it was soon adopted as the kernel for the GNU operating system, which was written to be a free (libre) replacement for Unix. Linux is provided under the GNU General Public License version 2 only, but it contains files under other compatible licenses. Since the late 1990s, it has been included as part of a large number of operating system distributions, many of which are commonly also called Linux. Linux is deployed on a wide variety of computing systems, such as embedded devices, mobile devices (including its use in the Android operating system), personal computers, servers, mainframes, and supercomputers. It can be tailored for specific architectures and for several usage scenarios using a family of simple commands (that is, without the need of manually editing its source code ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
