From 12bd315eb1b06e6c734f4e0fde89e81c4e310d23 Mon Sep 17 00:00:00 2001 From: Lorenz Stechauner Date: Tue, 22 Jul 2025 14:41:16 +0200 Subject: [PATCH] thesis: Complete 2.9 --- thesis/src/02.intercept.tex | 27 +++++++++++++++------------ 1 file changed, 15 insertions(+), 12 deletions(-) diff --git a/thesis/src/02.intercept.tex b/thesis/src/02.intercept.tex index f58a387..fefe40d 100644 --- a/thesis/src/02.intercept.tex +++ b/thesis/src/02.intercept.tex @@ -529,17 +529,20 @@ This includes the offset relative to the calling binary and a source file and li \end{listing} -\section{Analyzing Intercepted Function Calls}\label{sec:analyzing-intercepted-function-calls} - -Lorem Ipsum. - -\begin{itemize} - \item Which functions where called? - \item In what order were the functions called? - \item Did the programmer statisfy all preconditions on each function call? - \item Did the programmer clean up all used resources? -\end{itemize} - \section{Automated Testing on Intercepted Function Calls}\label{sec:automated-testing-on-intercepted-function-calls} -Lorem Ipsum. +The recorded function calls of a program run now may be used to perform checks and tests on them. +It is trivially possible to check which functions were called and in what order. +Furthermore, it is possible to check various pre- and post-conditions for each function call. +This is beneficial because many library functions in C rely on these pre- and post-conditions, which are not enforced by the compiler or in any other way. + +For example, the \texttt{malloc} function has the post-condition that the returned value later needs to be passed to \texttt{free} to avoid memory leaks. +The \texttt{free} function, on the other hand, has the pre-condition that the passed value was previously acquired using \texttt{malloc} and may not be yet free'd. +Any violation of such pre- and post-conditions may be reported as incompliant behavior. +\cite{malloc.3} + +This means that intercepted function calls allow a tester to check if programmers use library function in compliance to their specification. +Other checks may also include guards to calls to ``forbidden'' functions, or that specific functions must be called exactly three times. +Another important post-condition of most library functions is the return value, which in most cases indicates success or failure of an operation. +However, intercepting of calls alone may not be able to verify if a program really checks the return value of a function and acts accordingly. +Chapter~\ref{ch:manipulating-function-calls} shows how this problem may be solved.