Static vs dynamic analysis for code devt (Part 2)

Posted: 06 Sep 2013

Keywords: dynamic code analysis, buffer overflow, virtual private network, VPN, deallocation

Upon return from the function, therefore, this memory is leaked. A call to the runtime library's leak detector will report the leak as shown below:

> gcc myfile.c -check=memory
> ./a.out
Unreferenced memory adr=0x18d40 allocated at 0x103f4 called from 0x1043c then 0x15f18 then 0x10028

When integrated with the software development environment, the leak detection report's call stack addresses are mapped to actual source code locations, enabling the developer to more easily locate and understand the leak source (figure 1).

Figure 1: Memory leak detection integrated into software development environment.

For the precise name of the leak detection application programming interface (API) and the build-time options used to enable leak detection, readers should consult their tool chain supplier.

Other dynamic memory allocation errors
With programmatic control of memory allocation and deallocation, there are many more ways for developers to shoot themselves in the foot. The following simple function shows a couple more examples:

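#include <stdlib.h>

void badalloc(void)
{
  char *buf = malloc(100);
  char localbuf[100];
  free(buf);       /* valid: buf references an allocated buffer */
  free(localbuf);  /* invalid: localbuf was not dynamically allocated */
  free(buf);       /* invalid: buf has already been deallocated */
}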

The first call to free(buf) is fine; it references a valid allocated buffer. However, the second call to free(buf) is invalid, since buf has already been deallocated.

The call to free(localbuf) is also invalid because localbuf is a local buffer, not allocated using a corresponding dynamic memory allocation call such as malloc or calloc. Similar errors in C++ occur with the operators new and delete.

Once again, static analysis can locate the errors in this example, but dynamic analysis will find other memory allocation errors that static checking cannot. For example, the following change will confuse many static analysers:

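#include <stdlib.h>

char localbuf[100];
char *b = localbuf;  /* global pointer to a buffer that was never malloc'ed */
void badalloc(void)
{
  free(b);           /* invalid: b does not point to allocated memory */
}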

Because the variable b is now globally defined, a static source code analyser can assume less about what b may point to. Dynamic analysis detects the invalid deallocation during program execution:

> gcc myfile.c -check=memory
> ./a.out
Attempt to free something not allocated adr=0x18484

Figure 2: A dynamic analysis error stops the program at the offending line in the debugger, making it easy for the developer to locate and fix common security vulnerabilities.

If dynamic analysis is integrated into the debugger, the preceding failure is even easier for the developer to detect and correct. As shown in figure 2 above, the debugger is automatically halted when the memory deallocation error occurs, pointing the developer to the exact offending line of code.
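One way a runtime checker can catch the invalid deallocations discussed above, as an added example that is not from the original article or any vendor's tool chain: a minimal allocation tracker in C. The chk_* names and the fixed-size table are assumptions for illustration, freed blocks are quarantined rather than released, and the leak report lists blocks never freed rather than performing a reachability analysis.

```c
#include <stdio.h>
#include <stdlib.h>
/* Hypothetical names (chk_*); not a vendor API. Fixed-size table for brevity. */
#define MAX_TRACKED 128
enum chk_result { CHK_OK, CHK_DOUBLE_FREE, CHK_NOT_ALLOCATED };
static struct { void *adr; int live; } table[MAX_TRACKED];
static int nslots;

/* Allocate and record the block so later frees can be validated. */
void *chk_malloc(size_t n)
{
    if (nslots == MAX_TRACKED) return NULL;   /* table full: fail closed */
    void *p = malloc(n);
    if (p != NULL) {
        table[nslots].adr = p;
        table[nslots++].live = 1;
    }
    return p;
}

/* Validate a free against the table instead of trusting the caller. */
enum chk_result chk_free(void *p)
{
    if (p == NULL) return CHK_OK;             /* free(NULL) is a defined no-op */
    for (int i = 0; i < nslots; i++) {
        if (table[i].adr != p) continue;
        if (!table[i].live) {
            fprintf(stderr, "Attempt to free already freed block adr=%p\n", p);
            return CHK_DOUBLE_FREE;
        }
        /* Quarantine: mark dead but keep the block, so its address cannot
           be reused and hide a later double free. */
        table[i].live = 0;
        return CHK_OK;
    }
    fprintf(stderr, "Attempt to free something not allocated adr=%p\n", p);
    return CHK_NOT_ALLOCATED;
}

/* Report blocks that were never freed; returns how many. */
int chk_leaks(void)
{
    int leaks = 0;
    for (int i = 0; i < nslots; i++) {
        if (!table[i].live) continue;
        fprintf(stderr, "Block never freed adr=%p\n", table[i].adr);
        leaks++;
    }
    return leaks;
}
```

Because the check runs on the pointer value at the moment of the call, it does not matter whether the pointer reached free through a local, a global such as b, or any other alias.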

It goes without saying that software managers should strongly weigh the diagnostic capability of a compiler and tool chain when selecting such an important tool.

About the author
David Kleidermacher, Chief Technology Officer of Green Hills Software, joined the company in 1991 and is responsible for technology strategy, platform planning, and solutions design. He is an authority in systems software and security, including secure operating systems, virtualisation technology, and the application of high robustness security engineering principles to solve computing infrastructure problems. Mr. Kleidermacher earned his bachelor of science in computer science from Cornell University.

This article is excerpted from Embedded Systems Security by David and Mike Kleidermacher, used with permission from Newnes, a division of Elsevier. Copyright 2012. All rights reserved.
