thesis: Finish 2.9
@@ -338,6 +338,10 @@ Example (\texttt{malloc}): \\
|
||||
\texttt{return 0x1234; errno 0}, \\
|
||||
\texttt{return -1; errno ENOMEM}.
|
||||
|
||||
Some libc functions return their results via a pointer which was previously given to them as an argument.
|
||||
The \texttt{pipe} function is called with an \texttt{int} array of size two as argument and stores its two pipe ends into this array.
|
||||
The \texttt{read} function is called with a pointer to a buffer and a corresponding size and stores its read data into this buffer.
|
||||
|
||||
Example (\texttt{pipe}): \\
|
||||
\texttt{return 0; errno 0; fildes=[3,4]}, \\
|
||||
\texttt{return -1; errno ENFILE}.
|
||||
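Review bot: the new paragraph on pipe and read does not say that the output argument is only written on success, although the pipe example depends on exactly that: the failing line (return -1; errno ENFILE) lists no fildes. Add a sentence stating that the contents of the array or buffer are only meaningful when the call succeeds. For read, also say that the return value is the number of bytes actually stored, which may be smaller than the size passed in. "a pointer which was previously given to them as an argument" would also read better as "a pointer passed to them as an argument".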
@@ -346,7 +350,6 @@ Example (\texttt{read}): \\
|
||||
\texttt{return 12; errno 0; buf=0x7fff70:"Hello World!"}, \\
|
||||
\texttt{return -1; errno EINTR}.
|
||||
|
||||
\todo{Explain Examples}
|
||||
|
||||
|
||||
\section{Determining Function Call Location}\label{sec:determining-function-call-location}
|
||||
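Review bot: the hunk shrinks by one line and \todo{Explain Examples} looks like the line being dropped, but the notation of the read example above it is still not explained anywhere in the visible text. In buf=0x7fff70:"Hello World!" a reader has to guess that the part before the colon is the buffer address and the part after it is the content written, and that return 12 matches the length of that string. Either keep the todo or add one sentence defining the address:content form before the section on determining the call location starts.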
@@ -558,7 +561,7 @@ Furthermore, it is possible to check various pre- and post-conditions for each f
|
||||
This is beneficial because many library functions in C rely on these pre- and post-conditions, which are not enforced by the compiler or in any other way.
|
||||
|
||||
For example, the \texttt{malloc} function has the post-condition that the returned value later needs to be passed to \texttt{free} to avoid memory leaks.
|
||||
The \texttt{free} function, on the other hand, has the pre-condition that the passed value was previously acquired using \texttt{malloc} and may not be yet free'd.
|
||||
The \texttt{free} function, on the other hand, has the pre-condition that the passed value was previously acquired using \texttt{malloc} and may not be yet freed.
|
||||
Any violation of such pre- and post-conditions may be reported as non-compliant behavior.
|
||||
\cite{malloc.3}
|
||||
|
||||
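Review bot: the pre-condition on free is stated too narrowly in the corrected sentence ("previously acquired using malloc and may not be yet freed"). As written, a checker built on it would report free(NULL), which malloc(3) defines as a no-op, and would also report pointers obtained from calloc or realloc, which the memory management subsection lists as allocators. Suggest wording such as "was previously returned by malloc, calloc or realloc and has not already been freed, or is NULL". "may not be yet freed" is also ambiguous between "must not" and "might not".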
@@ -568,13 +571,34 @@ Another important post-condition of most library functions is the return value,
|
||||
However, intercepting of calls alone may not be able to verify if a program really checks the return value of a function and acts accordingly.
|
||||
Chapter~\ref{ch:manipulating-function-calls} shows how this problem may be solved.
|
||||
|
||||
|
||||
\subsection{Validating Memory Management}\label{subsec:testing-memory-management}
|
||||
|
||||
Lorem Ipsum.
|
||||
(malloc, calloc, realloc, free, getaddrinfo, freeaddrinfo).
|
||||
The most basic memory management functions in the C standard library are the following.
|
||||
|
||||
\begin{description}
|
||||
\item[\texttt{malloc}, \texttt{calloc}]
|
||||
Allocate memory. \cite{malloc.3}
|
||||
\item[\texttt{realloc}, \texttt{reallocarray}]
|
||||
Change the size of a previously allocated memory block and possibly move the block to another position in virtual memory. \cite{malloc.3}
|
||||
\item[\texttt{free}]
|
||||
Free previously allocated memory. \cite{malloc.3}
|
||||
\item[\texttt{getaddrinfo}]
|
||||
Allocate and initialize a linked list of \texttt{addrinfo} structures. \cite{getaddrinfo.3}
|
||||
\item[\texttt{freeaddrinfo}]
|
||||
Frees memory previously allocated by \texttt{getaddrinfo} for the dynamically allocated linked list. \cite{getaddrinfo.3}
|
||||
\item[\texttt{getline}, \texttt{getdelim}]
|
||||
Used to split strings.
|
||||
Allocate memory on their own, which must be freed afterward. \cite{getline.3}
|
||||
\end{description}
|
||||
|
||||
By only intercepting these functions, it is possible to check if all allocated memory blocks in a simple program were properly allocated and freed.
|
||||
|
||||
|
||||
\subsection{Validating Resource Management}\label{subsec:validating-resource-management}
|
||||
|
||||
Lorem Ipsum.
|
||||
(open, close, socket, \dots).
|
||||
Besides memory management, the proper use of other resources, most notably file descriptors, may be checked.
|
||||
Many functions in the C standard library rely on file descriptors.
|
||||
It may be checked if file descriptors were properly acquired, if only previously acquired file descriptors are used, and if these file descriptors are closed after their use.
|
||||
Relevant for this work are also semaphores because they do not rely on file descriptor in their API\@.
|
||||
Due to time restrictions, no detailed list for validating resource management has been put together.
|
||||
|
||||
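Review bot: the description item for getline and getdelim says "Used to split strings", which does not match what these functions do: they read a line or a delimiter-terminated record from a stream into a buffer that they allocate or grow themselves. Suggest replacing that sentence and keeping the second one about the buffer needing to be freed, since that is the part relevant to the tracking described here. The claim that intercepting "these functions" is enough to check allocation and freeing should also state how realloc is handled, because the item above says the block may move, so the old pointer is no longer valid after a successful call. In the resource management paragraph, "do not rely on file descriptor in their API" needs the plural "file descriptors", and the leftover "Lorem Ipsum." lines with the parenthesised function lists should be gone in the final text if they are not the lines being removed.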
@@ -37,6 +37,12 @@
|
||||
@manual{malloc.3,
|
||||
title = {malloc(3) -- Library Functions Manual -- Linux manual pages},
|
||||
}
|
||||
@manual{getaddrinfo.3,
|
||||
title = {getaddrinfo(3) -- Library Functions Manual -- Linux manual pages},
|
||||
}
|
||||
@manual{getline.3,
|
||||
title = {getline(3) -- Library Functions Manual -- Linux manual pages},
|
||||
}
|
||||
@book{netsectools2005,
|
||||
author = {Dhanjani, Nitesh and Clarke, Justin},
|
||||
title = {Network Security Tools},
|
||||
|
||||
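Review bot: the getaddrinfo.3 and getline.3 entries carry only a title field, so the rendered bibliography will not show where or in which version the page was consulted. Manual pages change between man-pages releases, so add at least a year or access date and a url or note field naming the release, and do the same for malloc.3 so that the three @manual entries stay consistent.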