diff --git a/thesis/src/02.intercept.tex b/thesis/src/02.intercept.tex index 1034ecd..c8c0a00 100644 --- a/thesis/src/02.intercept.tex +++ b/thesis/src/02.intercept.tex @@ -338,6 +338,10 @@ Example (\texttt{malloc}): \\ \texttt{return 0x1234; errno 0}, \\ \texttt{return -1; errno ENOMEM}. +Some libc functions return their results via a pointer which was previously given to them as an argument. +The \texttt{pipe} function is called with an \texttt{int} array of size two as argument and stores its two pipe ends into this array. +The \texttt{read} function is called with a pointer to a buffer and a corresponding size and stores its read data into this buffer. + Example (\texttt{pipe}): \\ \texttt{return 0; errno 0; fildes=[3,4]}, \\ \texttt{return -1; errno ENFILE}. @@ -346,7 +350,6 @@ Example (\texttt{read}): \\ \texttt{return 12; errno 0; buf=0x7fff70:"Hello World!"}, \\ \texttt{return -1; errno EINTR}. -\todo{Explain Examples} \section{Determining Function Call Location}\label{sec:determining-function-call-location} @@ -558,7 +561,7 @@ Furthermore, it is possible to check various pre- and post-conditions for each f This is beneficial because many library functions in C rely on these pre- and post-conditions, which are not enforced by the compiler or in any other way. For example, the \texttt{malloc} function has the post-condition that the returned value later needs to be passed to \texttt{free} to avoid memory leaks. -The \texttt{free} function, on the other hand, has the pre-condition that the passed value was previously acquired using \texttt{malloc} and may not be yet free'd. +The \texttt{free} function, on the other hand, has the pre-condition that the passed value was previously acquired using \texttt{malloc} and may not be yet freed. Any violation of such pre- and post-conditions may be reported as non-compliant behavior. \cite{malloc.3} 
@@ -568,13 +571,34 @@ Another important post-condition of most library functions is the return value, However, intercepting of calls alone may not be able to verify if a program really checks the return value of a function and acts accordingly. Chapter~\ref{ch:manipulating-function-calls} shows how this problem may be solved. + \subsection{Validating Memory Management}\label{subsec:testing-memory-management} -Lorem Ipsum. -(malloc, calloc, realloc, free, getaddrinfo, freeaddrinfo). +The most basic memory management functions in the C standard library are the following. + +\begin{description} + \item[\texttt{malloc}, \texttt{calloc}] + Allocate memory. \cite{malloc.3} + \item[\texttt{realloc}, \texttt{reallocarray}] + Change the size of a previously allocated memory block and possibly move the block to another position in virtual memory. \cite{malloc.3} + \item[\texttt{free}] + Free previously allocated memory. \cite{malloc.3} + \item[\texttt{getaddrinfo}] + Allocate and initialize a linked list of \texttt{addrinfo} structures. \cite{getaddrinfo.3} + \item[\texttt{freeaddrinfo}] + Frees memory previously allocated by \texttt{getaddrinfo} for the dynamically allocated linked list. \cite{getaddrinfo.3} + \item[\texttt{getline}, \texttt{getdelim}] + Used to split strings. + Allocate memory on their own, which must be freed afterward. \cite{getline.3} +\end{description} + +By only intercepting these functions, it is possible to check if all allocated memory blocks in a simple program were properly allocated and freed. \subsection{Validating Resource Management}\label{subsec:validating-resource-management} -Lorem Ipsum. -(open, close, socket, \dots). +Besides memory management, the proper use of other resources, most notably file descriptors, may be checked. +Many functions in the C standard library rely on file descriptors. 
+It may be checked if file descriptors were properly acquired, if only previously acquired file descriptors are used, and if these file descriptors are closed after their use. +Relevant for this work are also semaphores because they do not rely on file descriptor in their API\@. +Due to time restrictions, no detailed list for validating resource management has been put together. diff --git a/thesis/src/99.intercept.bib b/thesis/src/99.intercept.bib index 0f1fa44..aa1a96e 100644 --- a/thesis/src/99.intercept.bib +++ b/thesis/src/99.intercept.bib @@ -37,6 +37,12 @@ @manual{malloc.3, title = {malloc(3) -- Library Functions Manual -- Linux manual pages}, } +@manual{getaddrinfo.3, + title = {getaddrinfo(3) -- Library Functions Manual -- Linux manual pages}, +} +@manual{getline.3, + title = {getline(3) -- Library Functions Manual -- Linux manual pages}, +} @book{netsectools2005, author = {Dhanjani, Nitesh and Clarke, Justin}, title = {Network Security Tools},
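Review bot: in the first hunk of 02.intercept.tex (the three added sentences before "Example (\texttt{pipe})"), the description of pointer-returned results should state that such output is only meaningful when the call succeeds, and for \texttt{read} only up to the returned byte count: \texttt{pipe} leaves the array unspecified on a \texttt{-1} return, and \texttt{read} stores at most the returned number of bytes, which may be fewer than the requested size. Without this, the examples "fildes=[3,4]" and "buf=0x7fff70:"Hello World!"" invite an interceptor implementation that records the full argument-sized buffer and thereby logs uninitialized bytes; suggest adding a sentence such as "Only the first \texttt{return} bytes of the buffer are valid; on failure the contents are unspecified."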
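Review bot: in the "Validating Memory Management" hunk, the item "\item[\texttt{getline}, \texttt{getdelim}] Used to split strings." is incorrect: these functions read one delimited line from a stream into a buffer supplied through \texttt{lineptr}/\texttt{n}, growing it with \texttt{realloc} as needed; they do not split strings. Suggest "Read a delimited line from a stream into a buffer, allocating or resizing it as needed; the buffer must be freed by the caller." The same list also needs a caveat for \texttt{realloc}: on failure it returns \texttt{NULL} and the original block stays allocated, so a tracker that releases the old pointer on every \texttt{realloc} call will report false leaks or false double frees; and the lead-in "in the C standard library" does not fit \texttt{getaddrinfo}, \texttt{getline}/\texttt{getdelim} (POSIX) or \texttt{reallocarray} (a BSD/glibc extension), so "in the C library" or "in libc" is more accurate. Minor: the item texts mix imperative ("Allocate memory") and third person ("Frees memory"); in the resource-management paragraph, "rely on file descriptor" should be "rely on file descriptors".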
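Review bot: the two new \texttt{@manual} entries in 99.intercept.bib carry only a \texttt{title}, so the cited man page cannot be located or dated from the bibliography; this matches the existing \texttt{malloc.3} entry, so it is a project-wide style point rather than a defect of this change, but adding \texttt{organization} (e.g. the Linux man-pages project) and a \texttt{url}/\texttt{urldate} or \texttt{note} with the man-pages release to all three entries would make the citations verifiable.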