Zipr++: Exceptional Binary Rewriting
|
|
|
- Oswald Moore
- 6 years ago
- Views:
Transcription
1 Zipr++: Exceptional Binary Rewriting Jason Hiser, Anh Nguyen-Tuong, William Hawkins, Matthew McGill, Michele Co, Jack Davidson University of Virginia
2 Motivation Why do binary rewriters care about EH? Required by the x86-64 ABI C++ supports exceptions, many programs use them Rust, Ada exceptions essentially required More than just exception handling (EH) Stack unwinding pthread_exit Profiling, debugging A pin and win strategy only goes so far Limits efficiency (pinned calls) Limits possible transforms (e.g., stack frame size) Limits randomization (pinned return addresses) 2
3 Unwinding with ELF Common Info. Entry Shared 1-2 per ELF.eh_frame CIE 1 Personality: Program: DP 1 DP 2 Personality is generic unwind this frame function.text cpp_personality: Function range Frame Description Entry Per function FDE 1 FDE 2 FDE 3 CIE: Start: &func3 Size: 120 Program: DP 3 DP 4 DP 5 LSDA: DWARF Program Specifies how to unwind Language specific data area func3: call string() call func1 ret func3_lp: call ~string() 3
4 Catching Exceptions Call Site Table One entry per call Action Table One entry per catch Type Table Pointers to types caught.gcc_except_table LSDA3 CS tab len: 1 CS table[0]: CS Start: CS Size: 5 Landing pad: Action: Action table[0]: Type: Next: null Type Table[0]: Type: Landing Pad Per function cleanup (call destructors) and rethrow if not caught.text cpp_personality: func3: call string() call func1 ret func3_lp: call ~string().rodata std::type_info for int Language specific data area 4
5 EH in ELF.eh_frame_hdr &func1 FDE: &func2 FDE: &func3 FDE: Header for quick lookup via binary search FDE 1.eh_frame CIE 1 Personality: Program: DP 1 DP 2 FDE 2 FDE 3 CIE: Start: &func3 Size: 120 Program: DP 3 DP 4 DP 5 LSDA:.gcc_except_table LSDA3 CS tab len: 1 CS table[0]: CS Start: CS Size: 5 Landing pad: Action: Action table[0]: Type: Next: null Type Table[0]: Type:.text cpp_personality: func3: call string() call func1 ret func3_lp: call ~string().rodata std::type_info for int 5
6 Modifying the EH info Modification in place (patching) Fields are variably length-encoded and PC-relative small change requires full table rewrite Range-based hard for per-instruction edits Places lots of burden on transformation Build IR instead! 6
7 Zipr++ Architecture IR Construction IR Manipulation IR Instantiation Disassembly User-specified Transforms Binary Construction Binary CFG Construction Code Layout Modified Binary EH Frame IR Construction EH Frame Manipulation EH Frame IR Instantiation Functions Instructions Data EH Frame IR Database 7
8 Modifying the EH info Step 1: Deconstruct to IR Parse the EH info Throw away all the encodings, ranges, etc. Record essentials in the IR The dwarf program with each instruction Catch information for each call site 8
9 Modifying the EH info Step 2: Manipulate during transformation C++ API to access EH IR Most transforms can ignore completely Examples Stack Layout Transform Updates dwarf program to update location of return address relative to stack pointer 1 C++ class, ~285 LOC Stamp (xor) return addresses Updates how to read the return address from the stack 1 function, 72 LOC 9
10 Modifying the EH info Step 3: Reconstruct Layout code (already done by Zipr) Simple greedy scans code top to bottom Extend current FDE or create new FDE as necessary Re-use existing or create new CIE as necessary Create an LSDA for each FDE if required Generate/compress tables Emit/generate assembly 10
11 Evaluation (Null Transform) 2.50 Performance Overhead Optimized Code Layout Optimized Code Layout with EH Frame Rewriting 11% 3% 11
12 Stack Padding 2.00 Normalized Execution Time ?? SLX Optimized Code Layout SLX Optimized Code Layout with EH Frame Rewriting 12
13 Related Work Static rewriters that require compiler support ATOM, Diablo, etc. Other static rewriters without support EH SecondWrite, UROBOROS, Ramblr, etc. Dynamic Rewriters Strata, Pin, DynamoRIO 13
14 Summary Handling EH info is important C++, Rust, Ada Pthreads, debugging, profiling, performance Much EH information is about encoding or compression Lesson Learned: Discard simpler! Performance gains are real! 14
System V Application Binary Interface Linux Extensions Version 0.1
System V Application Binary Interface Linux Extensions Version 0.1 Edited by H.J. Lu 1 November 28, 2018 1 hongjiu.lu@intel.com Contents 1 About this Document 4 1.1 Related Information.........................
Fosdem perf status on ARM and ARM64
Fosdem 2015 perf status on ARM and ARM64 jean.pihet@newoldbits.com 1 Contents Introduction Scope of the presentation Supported tools Call stack unwinding General Methods Corner cases ARM and ARM64 support
Building Binary Optimizer with LLVM
Building Binary Optimizer with LLVM Maksim Panchenko maks@fb.com BOLT Binary Optimization and Layout Tool Built in less than 6 months x64 Linux ELF Runs on large binary (HHVM, non-jitted part) Improves
Giridhar Ravipati University of Wisconsin, Madison. The Deconstruction of Dyninst: Part 1- the SymtabAPI
The Deconstruction of Dyninst Part 1: The SymtabAPI Giridhar Ravipati University of Wisconsin, Madison April 2007 Motivation Binary tools are increasingly common Two categories of operation Analysis :
C++ for System Developers with Design Pattern
C++ for System Developers with Design Pattern Introduction: This course introduces the C++ language for use on real time and embedded applications. The first part of the course focuses on the language
Short Notes of CS201
#includes: Short Notes of CS201 The #include directive instructs the preprocessor to read and include a file into a source code file. The file name is typically enclosed with < and > if the file is a system
CS201 - Introduction to Programming Glossary By
CS201 - Introduction to Programming Glossary By #include : The #include directive instructs the preprocessor to read and include a file into a source code file. The file name is typically enclosed with
Exception Namespaces C Interoperability Templates. More C++ David Chisnall. March 17, 2011
More C++ David Chisnall March 17, 2011 Exceptions A more fashionable goto Provides a second way of sending an error condition up the stack until it can be handled Lets intervening stack frames ignore errors
Advances in Linux process forensics with ECFS
Advances in Linux process forensics with ECFS Quick history Wanted to design a process snapshot format native to VMA Vudu http://www.bitlackeys.org/#vmavudu ECFS proved useful for other projects as well
PRESENTED BY: SANTOSH SANGUMANI & SHARAN NARANG
PRESENTED BY: SANTOSH SANGUMANI & SHARAN NARANG Table of contents Introduction Binary Disassembly Return Address Defense Prototype Implementation Experimental Results Conclusion Buffer Over2low Attacks
Project Compiler. CS031 TA Help Session November 28, 2011
Project Compiler CS031 TA Help Session November 28, 2011 Motivation Generally, it s easier to program in higher-level languages than in assembly. Our goal is to automate the conversion from a higher-level
Object Code Emission & llvm-mc
Object Code Emission & llvm-mc LLVM Developers Meeting, 2009 Cupertino, CA Bruno Cardoso Lopes bruno.cardoso@gmail.com Introduction Motivation Background Actual Code Emission Object Code Emission llvm-mc
Implementation of Breakpoints in GDB for Sim-nML based Architectures
Implementation of Breakpoints in GDB for Sim-nML based Architectures CS499 Report by Amit Gaurav Y3036 under the guidance of Prof. Rajat Moona Department of Computer Science and Engineering Indian Institute
Exploiting the Hard-Working DWARF
Exploiting the Hard-Working DWARF PH-Neutral W00T 2011 0x7db James Oakley & Sergey Bratus Dartmouth College Trust Lab May 28, 2011 Executive Summary All GCC-compiled binaries that support exception handling
Control Flow Integrity for COTS Binaries Report
Control Flow Integrity for COTS Binaries Report Zhang and Sekar (2013) January 2, 2015 Partners: Instructor: Evangelos Ladakis Michalis Diamantaris Giorgos Tsirantonakis Dimitris Kiosterakis Elias Athanasopoulos
Overview. Constructors and destructors Virtual functions Single inheritance Multiple inheritance RTTI Templates Exceptions Operator Overloading
How C++ Works 1 Overview Constructors and destructors Virtual functions Single inheritance Multiple inheritance RTTI Templates Exceptions Operator Overloading Motivation There are lot of myths about C++
https://github.com/aguinet/dragon EuroLLVM Adrien Guinet 2018/04/17
DragonFFI Foreign Function Interface and JIT for C code https://github.com/aguinet/dragon EuroLLVM 2018 - Adrien Guinet (@adriengnt) 2018/04/17 Content of this talk whoami FFI? (and related work) FFI for
The new LLVM exception handling scheme
The new LLVM exception handling scheme Duncan Sands DeepBlueCapital / CNRS Control flow try { MayThrowSomething(); AnotherFunctionCall(); catch (int i) { catch (class A a) { Control flow try { MayThrowSomething();
Where Does Global Static Local Register Variables Memory And C Program Instructions Get Stored
Where Does Global Static Local Register Variables Memory And C Program Instructions Get Stored global/static variables go into different RAM memory segments depending on local register variables free memory
Bill Bridge. Oracle Software Architect NVM support for C Applications
JANUARY 20, 2015, SAN JOSE, CA Bill Bridge PRESENTATION TITLE GOES HERE Place Speaker Photo Here if Available Oracle Software Architect NVM support for C Applications Overview Oracle has developed a NVM
CS11 Advanced C++ Fall Lecture 3
CS11 Advanced C++ Fall 2006-2007 Lecture 3 Today s Topics C++ Standard Exceptions Exception Cleanup Fun with Exceptions Exception Specifications C++ Exceptions Exceptions are nice for reporting many errors
Software Security II: Memory Errors - Attacks & Defenses
1 Software Security II: Memory Errors - Attacks & Defenses Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab1 Writeup 3 Buffer overflow Out-of-bound memory writes (mostly sequential) Allow
SABLEJIT: A Retargetable Just-In-Time Compiler for a Portable Virtual Machine p. 1
SABLEJIT: A Retargetable Just-In-Time Compiler for a Portable Virtual Machine David Bélanger dbelan2@cs.mcgill.ca Sable Research Group McGill University Montreal, QC January 28, 2004 SABLEJIT: A Retargetable
A program execution is memory safe so long as memory access errors never occur:
A program execution is memory safe so long as memory access errors never occur: Buffer overflows, null pointer dereference, use after free, use of uninitialized memory, illegal free Memory safety categories
Binary Code Analysis: Concepts and Perspectives
Binary Code Analysis: Concepts and Perspectives Emmanuel Fleury LaBRI, Université de Bordeaux, France May 12, 2016 E. Fleury (LaBRI, France) Binary Code Analysis: Concepts
Shuffler: Fast and Deployable Continuous Code Re-Randomization
Shuffler: Fast and Deployable Continuous Code Re-Randomization David Williams-King, Graham Gobieski, Kent Williams-King, James P. Blake, Xinhao Yuan, Patrick Colp, Michelle Zheng, Vasileios P. Kemerlis,
ECE 498 Linux Assembly Language Lecture 1
ECE 498 Linux Assembly Language Lecture 1 Vince Weaver http://www.eece.maine.edu/ vweaver vincent.weaver@maine.edu 13 November 2012 Assembly Language: What s it good for? Understanding at a low-level what
Using Off-the-Shelf Exception Support Components in C++ Verification
Using Off-the-Shelf Exception Support Components in C++ Verification Vladimír Štill Faculty of Informatics, Masaryk University Brno, Czech Republic Email: xstill@fi.muni.cz Petr Ročkai Faculty of Informatics,
Understanding Executables Working Group
Center for Scalable Application Development Software Understanding Executables Working Group CScADS Petascale Performance Tools Workshop, July 2007 1 Working Group Members Drew Bernat Robert Cohn Mike
CGS 2405 Advanced Programming with C++ Course Justification
Course Justification This course is the second C++ computer programming course in the Computer Science Associate in Arts degree program. This course is required for an Associate in Arts Computer Science
ECE 471 Embedded Systems Lecture 4
ECE 471 Embedded Systems Lecture 4 Vince Weaver http://www.eece.maine.edu/ vweaver vincent.weaver@maine.edu 12 September 2013 Announcements HW#1 will be posted later today For next class, at least skim
Handling Self Modifying Code Using Software Dynamic Translation
Handling Self Modifying Code Using Software Dynamic Translation Joy W. Kamunyori University of Virginia jkamunyori@cs.virginia.edu 1. Problem and Motivation The term self modifying code refers to code
ECE 471 Embedded Systems Lecture 6
ECE 471 Embedded Systems Lecture 6 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 17 September 2018 Announcements HW#2 was posted, it is due Friday 1 Homework #1 Review Characteristics
CMPT 379 Compilers. Parse trees
CMPT 379 Compilers Anoop Sarkar http://www.cs.sfu.ca/~anoop 10/25/07 1 Parse trees Given an input program, we convert the text into a parse tree Moving to the backend of the compiler: we will produce intermediate
Building Advanced Coverage-guided Fuzzer for Program Binaries
Building Advanced Coverage-guided Fuzzer for Program Binaries NGUYEN Anh Quynh WEI Lei 17/11/2017 Zero Nights, Moscow 2017 Self-introduction NGUYEN Anh Quynh, PhD
Intro to Cracking and Unpacking. Nathan Rittenhouse
Intro to Cracking and Unpacking Nathan Rittenhouse nathan_@mit.edu Keygenning Take this crackme: http://crackmes.de/users/moofy/crackme_2 Write a key generator Process Watch where user data is inputted
CS24: INTRODUCTION TO COMPUTING SYSTEMS. Spring 2015 Lecture 11
CS24: INTRODUCTION TO COMPUTING SYSTEMS Spring 2015 Lecture 11 EXCEPTION HANDLING! Many higher-level languages provide exception handling! Concept: One part of the program knows how to detect a problem,
CS 4240: Compilers and Interpreters Project Phase 1: Scanner and Parser Due Date: October 4 th 2015 (11:59 pm) (via T-square)
CS 4240: Compilers and Interpreters Project Phase 1: Scanner and Parser Due Date: October 4 th 2015 (11:59 pm) (via T-square) Introduction This semester, through a project split into 3 phases, we are going
Core object model EO / EFL++
Core object model EO / EFL++ Carsten Haitzler Samsung Electronics Principal Engineer Enlightenment/EFL Founder c.haitzler@samsung.com EFL + Elementary 2 A toolkit somwhere between GTK+ and Qt in breadth
Intermediate Representations
Intermediate Representations Where In The Course Are We? Rest of the course: compiler writer needs to choose among alternatives Choices affect the quality of compiled code time to compile There may be
Raima Database Manager Version 14.1 In-memory Database Engine
+ Raima Database Manager Version 14.1 In-memory Database Engine By Jeffrey R. Parsons, Chief Engineer November 2017 Abstract Raima Database Manager (RDM) v14.1 contains an all new data storage engine optimized
Connecting the EDG front-end to LLVM. Renato Golin, Evzen Muller, Jim MacArthur, Al Grant ARM Ltd.
Connecting the EDG front-end to LLVM Renato Golin, Evzen Muller, Jim MacArthur, Al Grant ARM Ltd. 1 Outline Why EDG Producing IR ARM support 2 EDG Front-End LLVM already has two good C++ front-ends, why
CS201 Lecture 2 GDB, The C Library
CS201 Lecture 2 GDB, The C Library RAOUL RIVAS PORTLAND STATE UNIVERSITY Announcements 2 Multidimensional Dynamically Allocated Arrays Direct access support. Same as Multidimensional Static Arrays No direct
CS201 Some Important Definitions
CS201 Some Important Definitions For Viva Preparation 1. What is a program? A program is a precise sequence of steps to solve a particular problem. 2. What is a class? We write a C++ program using data
DRuntime and You David Nadlinger ETH Zurich
DRuntime and You David Nadlinger (@klickverbot) ETH Zurich Agenda Warmup: TypeInfo and ModuleInfo Exception handling Garbage collection Thread-local storage Fibers Interlude: C program startup Shared
Introduction to Programming Using Java (98-388)
Introduction to Programming Using Java (98-388) Understand Java fundamentals Describe the use of main in a Java application Signature of main, why it is static; how to consume an instance of your own class;
Today s Big Adventure
1/34 Today s Big Adventure - How to name and refer to things that don t exist yet - How to merge separate name spaces into a cohesive whole Readings - man a.out & elf on a Solaris machine - run nm or objdump
Ramblr. Making Reassembly Great Again
Ramblr Making Reassembly Great Again Ruoyu Fish Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, Giovanni Vigna Motivation Available Solutions
Intermediate representation
Intermediate representation Goals: encode knowledge about the program facilitate analysis facilitate retargeting facilitate optimization scanning parsing HIR semantic analysis HIR intermediate code gen.
CS24: INTRODUCTION TO COMPUTING SYSTEMS. Spring 2018 Lecture 11
CS24: INTRODUCTION TO COMPUTING SYSTEMS Spring 2018 Lecture 11 EXCEPTION HANDLING Many higher-level languages provide exception handling Concept: One part of the program knows how to detect a problem,
Modifying Binaries with Dyninst
Modifying Binaries with Dyninst Andrew Bernat, Bill Williams Paradyn Project Paradyn / Dyninst Week College Park, Maryland March 26-28, 2012 Binary Modification Predicate switching Insert error checking
Warm-up question (CS 261 review) What is the primary difference between processes and threads from a developer s perspective?
Warm-up question (CS 261 review) What is the primary difference between processes and threads from a developer s perspective? CS 470 Spring 2018 POSIX Mike Lam, Professor Multithreading & Pthreads MIMD
This manual is for Libffi, a portable foreign-function interface library. Copyright c 2008, 2010, 2011 Red Hat, Inc. Permission is granted to copy,
Libffi This manual is for Libffi, a portable foreign-function interface library. Copyright c 2008, 2010, 2011 Red Hat, Inc. Permission is granted to copy, distribute and/or modify this document under the
Fall Compiler Principles Lecture 12: Register Allocation. Roman Manevich Ben-Gurion University
Fall 2014-2015 Compiler Principles Lecture 12: Register Allocation Roman Manevich Ben-Gurion University Syllabus Front End Intermediate Representation Optimizations Code Generation Scanning Lowering Local
Arithmetic and Bitwise Operations on Binary Data
Arithmetic and Bitwise Operations on Binary Data CSCI 2400: Computer Architecture ECE 3217: Computer Architecture and Organization Instructor: David Ferry Slides adapted from Bryant & O Hallaron s slides
Software Exploit Prevention and Remediation via Software Memory Protection
Software Exploit Prevention and Remediation via Software Memory Protection PIs: Clark Coleman, Jack Davidson, David Evans, John Knight, and Anh Nguyen-Tuong Department of Computer Science, University of
Cpt S 122 Data Structures. Templatized Stack
Cpt S 122 Data Structures Templatized Stack Nirmalya Roy School of Electrical Engineering and Computer Science Washington State University Test # 2 Jia XU (Lab Section 3) Xiaoyu Zhang (Lab Section 3) Anh
Variables vs. Registers/Memory. Simple Approach. Register Allocation. Interference Graph. Register Allocation Algorithm CS412/CS413
Variables vs. Registers/Memory CS412/CS413 Introduction to Compilers Tim Teitelbaum Lecture 33: Register Allocation 18 Apr 07 Difference between IR and assembly code: IR (and abstract assembly) manipulate
CS 240 Final Exam Review
CS 240 Final Exam Review Linux I/O redirection Pipelines Standard commands C++ Pointers How to declare How to use Pointer arithmetic new, delete Memory leaks C++ Parameter Passing modes value pointer reference
Vive Input Utility Developer Guide
Vive Input Utility Developer Guide vivesoftware@htc.com Abstract Vive Input Utility is a tool based on the SteamVR plugin that allows developers to access Vive device status in handy way. We also introduce
Bits and Bytes. Why bits? Representing information as bits Binary/Hexadecimal Byte representations» numbers» characters and strings» Instructions
Bits and Bytes Topics Why bits? Representing information as bits Binary/Hexadecimal Byte representations» numbers» characters and strings» Instructions Bit-level manipulations Boolean algebra Expressing
Exception Safe Coding
Exception Safe Coding Dirk Hutter hutter@compeng.uni-frankfurt.de Prof. Dr. Volker Lindenstruth FIAS Frankfurt Institute for Advanced Studies Goethe-Universität Frankfurt am Main, Germany http://compeng.uni-frankfurt.de
A Platform for Secure Static Binary Instrumentation
A Platform for Secure Static Binary Instrumentation Mingwei Zhang, Rui Qiao, Niranjan Hasabnis and R. Sekar Stony Brook University VEE 2014 Work supported in part by grants from AFOSR, NSF and ONR Motivation
pthreads CS449 Fall 2017
pthreads CS449 Fall 2017 POSIX Portable Operating System Interface Standard interface between OS and program UNIX-derived OSes mostly follow POSIX Linux, macos, Android, etc. Windows requires separate
Software Exploit Prevention and Remediation via Software Memory Protection
Software Exploit Prevention and Remediation via Software Memory Protection PIs: Clark Coleman, Jack Davidson, David Evans, John Knight, and Anh Nguyen-Tuong Department of Computer Science, University of
Lecture 10. Dynamic Analysis
Lecture 10. Dynamic Analysis Wei Le Thank Xiangyu Zhang, Michael Ernst, Tom Ball for Some of the Slides Iowa State University 2014.11 Outline What is dynamic analysis? Instrumentation Analysis Representing
Stack frame unwinding on ARM
Stack frame unwinding on ARM Ken Werner LDS, Budapest 2011 http:/www.linaro.org why? Who needs to unwind the stack? C++ exceptions GDB anyone who wants to display the call chain Unwinding in General How
An Insight Into Inheritance, Object Oriented Programming, Run-Time Type Information, and Exceptions PV264 Advanced Programming in C++
An Insight Into Inheritance, Object Oriented Programming, Run-Time Type Information, and Exceptions PV264 Advanced Programming in C++ Nikola Beneš Jan Mrázek Vladimír Štill Faculty of Informatics, Masaryk
Trends in Open Source Security. FOSDEM 2013 Florian Weimer Red Hat Product Security Team
Trends in Open Source Security FOSDEM 2013 Florian Weimer fweimer@redhat.com Red Hat Product Security Team 2013-02-02 Overview 2 Vulnerability tracking Tool-chain hardening Distribution-wide defect analysis
Generating Programs and Linking. Professor Rick Han Department of Computer Science University of Colorado at Boulder
Generating Programs and Linking Professor Rick Han Department of Computer Science University of Colorado at Boulder CSCI 3753 Announcements Moodle - posted last Thursday s lecture Programming shell assignment
Review sheet for Final Exam (List of objectives for this course)
Review sheet for Final Exam (List of objectives for this course) Please be sure to see other review sheets for this semester Please be sure to review tests from this semester Week 1 Introduction Chapter
EL2310 Scientific Programming
Lecture 14: Object Oriented Programming in C++ (ramviyas@kth.se) Overview Overview Lecture 14: Object Oriented Programming in C++ Classes (cont d) More on Classes and Members Group presentations Last time
Outline. CS4254 Computer Network Architecture and Programming. Introduction 2/4. Introduction 1/4. Dr. Ayman A. Abdel-Hamid.
Threads Dr. Ayman Abdel-Hamid, CS4254 Spring 2006 1 CS4254 Computer Network Architecture and Programming Dr. Ayman A. Abdel-Hamid Computer Science Department Virginia Tech Threads Outline Threads (Chapter
Exception Handling in C++
Exception Handling in C++ Professor Hugh C. Lauer CS-2303, System Programming Concepts (Slides include materials from The C Programming Language, 2 nd edition, by Kernighan and Ritchie, Absolute C++, by
PTX WRITER'S GUIDE TO INTEROPERABILITY
PTX WRITER'S GUIDE TO INTEROPERABILITY TRM-06721-001_v9.1 April 2018 Reference Guide TABLE OF CONTENTS Chapter 1. Introduction...1 Chapter 2. Data Representation... 2 2.1. Fundamental Types... 2 2.2. Aggregates
IS 0020 Program Design and Software Tools
1 Introduction 2 IS 0020 Program Design and Software Tools Exception Handling Lecture 12 November 23, 200 Exceptions Indicates problem occurred in program Not common An "exception" to a program that usually
Malware
reloaded Malware Research Team @ @xabiugarte Motivation Design principles / architecture Features Use cases Future work Dynamic Binary Instrumentation Techniques to trace the execution of a binary (or
TMS470 ARM ABI Migration
TMS470 ARM ABI Migration Version Primary Author(s) V0.1 Anbu Gopalrajan V0.2 Anbu Gopalrajan Revision History Description of Version Date Completed Initial Draft 10/29/2006 Added C auto initialization
A hybrid approach to application instrumentation
A hybrid approach to application instrumentation Ashay Rane, Leo Fialho and James Browne 4 th August, 2014 Petascale Tools Workshop 1 Program Instrumentation What is instrumentation? Addition of statements
The SECURE Project and GCC
The SECURE Project and GCC Security Enhancing Compilers for Use in Real-world Environments Speaker: Graham Markall graham.markall@embecosm.com Contributors: Jeremy Bennett, Craig Blackmore, Simon Cook,
Installing Data8 PredictiveAddress for Microsoft Dynamics 365/CRM
Installing Data8 PredictiveAddress for Microsoft Dynamics 365/CRM Contents Obtaining an Ajax API Key... 2 Installing the solution... 3 Configuring the postcode lookup system... 6 Adding postcode lookup
C++ Application Binary Interface Standard for the ARM 64-bit Architecture
C++ Application Binary Interface Standard for the ARM 64-bit Architecture Document number: ARM IHI 0059B, current through AArch64 ABI release 1.0 Date of Issue: 22 nd May 2013 Abstract This document describes
Object Oriented Programming CS250
Object Oriented Programming CS250 Abas Computer Science Dept, Faculty of Computers & Informatics, Zagazig University arabas@zu.edu.eg http://www.arsaliem.faculty.zu.edu.eg Polymorphism Chapter 8 8.1 Static
CS 6V Control-Flow Integrity Principles, Implementations, and Applications. Sureshbabu Murugesan
CS 6V81-05 Control-Flow Integrity Principles, Implementations, and Applications Sureshbabu Murugesan Department of Computer Science University of Texas at Dallas February 29 th, 2012 Outline 1 Overview
Protecting Against Unexpected System Calls
Protecting Against Unexpected System Calls C. M. Linn, M. Rajagopalan, S. Baker, C. Collberg, S. K. Debray, J. H. Hartman Department of Computer Science University of Arizona Presented By: Mohamed Hassan
Runtime Defenses against Memory Corruption
CS 380S Runtime Defenses against Memory Corruption Vitaly Shmatikov slide 1 Reading Assignment Cowan et al. Buffer overflows: Attacks and defenses for the vulnerability of the decade (DISCEX 2000). Avijit,
Lecture 15a Persistent Memory & Shared Pointers
Lecture 15a Persistent Memory & Shared Pointers Dec. 5 th, 2017 Jack Applin, Guest Lecturer 2017-12-04 CS253 Fall 2017 Jack Applin & Bruce Draper 1 Announcements PA9 is due today Recitation : extra help
ECE 598 Advanced Operating Systems Lecture 10
ECE 598 Advanced Operating Systems Lecture 10 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 22 February 2018 Announcements Homework #5 will be posted 1 Blocking vs Nonblocking
Cake: a tool for adaptation of object code
Cake: a tool for adaptation of object code Stephen Kell Stephen.Kell@cl.cam.ac.uk Computer Laboratory University of Cambridge Cake... p.1/32 Some familiar problems Software is expensive to develop expensive
Control Flow Integrity
Control Flow Integrity Outline CFI Control Flow Integrity at Source Code Level BinCFI CFI for Binary Executables BinCC Binary Code Continent vfguard CFI Policy for Virtual Function Calls 1 M. Abadi, M.
Lecture 2: C Programm
0 3 E CS 1 Lecture 2: C Programm ing C Programming Procedural thought process No built in object abstractions data separate from methods/functions Low memory overhead compared to Java No overhead of classes
Memory Safety (cont d) Software Security
Memory Safety (cont d) Software Security CS 161: Computer Security Prof. Raluca Ada Popa January 17, 2016 Some slides credit to David Wagner and Nick Weaver Announcements Discussion sections and office
class Polynomial { public: Polynomial(const string& N = "no name", const vector<int>& C = vector<int>());... };
Default Arguments 1 When declaring a C++ function, you may optionally specify a default value for function parameters by listing initializations for them in the declaration: class Polynomial { public:
Lecture 5-6: Bits, Bytes, and Integers
CSCI-UA.0201-003 Computer Systems Organization Lecture 5-6: Bits, Bytes, and Integers Mohamed Zahran (aka Z) mzahran@cs.nyu.edu http://www.mzahran.com Slides adapted from: Jinyang Li Bryant and O Hallaron
DDMD AND AUTOMATED CONVERSION FROM C++ TO D
1 DDMD AND AUTOMATED CONVERSION FROM C++ TO D Daniel Murphy (aka yebblies ) ABOUT ME Using D since 2009 Compiler contributor since 2011 2 OVERVIEW Why convert the frontend to D What s so hard about it
Representing and Manipulating Integers. Jo, Heeseung
Representing and Manipulating Integers Jo, Heeseung Unsigned Integers Encoding unsigned integers B [ bw 1, bw 2,..., b0 ] x = 0000 0111 1101 0011 2 D( B) w 1 b i i 0 2 i D(x) = 2 10 + 2 9 + 2 8 + 2 7 +
Today s Big Adventure
Today s Big Adventure - How to name and refer to things that don t exist yet - How to merge separate name spaces into a cohesive whole Readings - man a.out & elf on a Solaris machine - run nm or objdump
Operating Systems CMPSCI 377 Spring Mark Corner University of Massachusetts Amherst
Operating Systems CMPSCI 377 Spring 2017 Mark Corner University of Massachusetts Amherst Last Class: Intro to OS An operating system is the interface between the user and the architecture. User-level Applications
CSE 351. GDB Introduction
CSE 351 GDB Introduction Lab 2 Out either tonight or tomorrow Due April 27 th (you have ~12 days) Reading and understanding x86_64 assembly Debugging and disassembling programs Today: General debugging
Register allocation. TDT4205 Lecture 31
1 Register allocation TDT4205 Lecture 31 2 Variables vs. registers TAC has any number of variables Assembly code has to deal with memory and registers Compiler back end must decide how to juggle the contents