Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > Embedded

Static vs dynamic analysis for code devt (Part 2)

Posted: 06 Sep 2013 ?? ?Print Version ?Bookmark and Share

Keywords:dynamic code analysis? buffer overflow? virtual private network? VPN? deallocation?

The context-switch function can simply compare the stack pointer of the thread about to be executed with the thread's runtime stack bounds.

On most computers, stacks grow downward to lower addresses, so a comparison that shows a stack pointer below the bottom of its allocated stack segment would generate an alarm, audit record, and so on. Readers should consult operating system documentation for the common context-switch hook feature.

Memory leaks
One of the major reliability benefits touted by the Java language is its avoidance of programmer-controlled dynamic heap memory allocation by using automatic garbage collection.

However, many embedded applications use dynamic memory allocation and suffer from vulnerabilities due to improper memory management errors. Many such errors can be prevented via dynamic code analysis.

Memory leaks are one class of memory management error. A memory leak occurs when a function allocates memory but never releases it. If the function is called sporadically, then the loss of memory may be gradual, escaping detection until a system is field deployed.

Furthermore, if an attacker is aware of a leaking function, it can focus its attention on causing the function to be executed, draining the system of memory resources and forcing a system failure.

A search of the memory leak vulnerabilities in the NIST's National Vulnerability Database uncovers numerous instances in commercial products, including security appliances. For example, CVE-2010-2836 is a recent high-severity security vulnerability identified in the SSL virtual private network (VPN) feature of Cisco's network appliance operating system called IOS. The vulnerability enables remote attackers to cause a denial of service via memory exhaustion by improperly disconnecting SSL sessions.

Memory leak detection is a form of dynamic analysis that eliminates programmer leak vulnerabilities. Leak detection works by comparing a program's pointer references to the memory management library's outstanding allocations. A program's pointer references may reside in memory-resident data variables, runtime automatic stack storage, or CPU registers.

The memory leak detector, therefore, is usually offered as a tightly integrated feature of the developer tool chain (compiler, runtime libraries). Memory leaks can occur at any time during a program's lifetime. The runtime library can perform its memory leak detection algorithm at sensible call points (such as when memory is Allocated or released).

In addition, the user can add explicit call to the memory leak detection algorithm as a sanity check at regular intervals in time or at specific points in the application code. Leak detection can be performed during debugging, during testing, or even in a fielded product.

Ideally, the memory management library is able to record an execution call stack within its allocation database. When the leak detection algorithm identifies a leak, the call stack can be reported to the developer, making it easy to identify the specific allocation that has been left hanging. A static source code analyser should detect the simple memory leak error shown below:

void leak(void)
??char *buf = malloc(100);
??sprintf(buf, "some stuff\n");
int main()
??__malloc_findleaks(); // call the leak detector

However, as with the other cases discussed here, many forms of leaks are beyond the insight of static analysis and require dynamic leak detection. In the preceding example, the leak function allocates memory pointed to by a local variable and Never deallocates the memory.

?First Page?Previous Page 1???2???3???4?Next Page?Last Page

Article Comments - Static vs dynamic analysis for code ...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top