Red Hat Enterprise Linux C++ Toolchains: 10 Tips to Drive Your Development
- Darleen Sparks
- 5 years ago
Transcription
2 Red Hat Enterprise Linux C++ Toolchains: 10 Tips to Drive Your Development Matt Newsome Senior Engineering Manager, Tools v1.0
3 % bit.ly/dtstalks
5 RED HAT ENTERPRISE LINUX TOOLCHAINS / RED HAT DEVELOPER TOOLSET / YOUR QUESTIONS
6 TIP #1 USE THE MOST RECENT TOOLS YOU CAN
7 Toolchain Support [diagram: RHEL 5, RHEL 6, RHEL 7, Fedora; labels: 10 YEARS OF SUPPORT, VERY HIGH STABILITY, LIMITED NEW FEATURES]
8 Building with RHEL tools [diagram: Application Sources -> BUILD (gcc x) -> DEPLOY (RHEL 6); Branched Sources -> BUILD (gcc y) -> DEPLOY (RHEL 7)]
9 Building with RHEL tools (2) [diagram: Application Sources x.1, x.2, x.3 built with gcc x.1, x.2, x.3 and deployed on RHEL 6.y, 6.n+1, 6.n+2; Application Sources y.1, y.2, y.3 built with gcc y.1, y.2, y.3 and deployed on RHEL 7.y, 7.n+1, 7.n+2]
10 Ideal Scenario [diagram: Sources -> Build (Latest Tools) -> Test & Deploy on RHEL 6 and RHEL 7]
11 RED HAT DEVELOPER TOOLSET
12 What is Red Hat Developer Toolset (DTS)?
    - The latest stable tools for [typically C/C++] developers (compiler, IDE, performance and other developer tools)
    - An extra set: does not replace your existing RHEL tools
    - DTS 3 and later tools run on RHEL 6 & 7
    - Applications built with DTS run on the same and following major release of RHEL, i.e. build with DTS 3.1 on RHEL 6, run on 6 & 7
    - Available with supported Red Hat Enterprise Linux Server and Workstation subscriptions
    - v3.1 GA available today
13 Developer Toolset (DTS) [diagram labels: RHEL 6 & 7; x86-64; C, C++ & Fortran; SOFTWARE COLLECTIONS]
14 SOFTWARE COLLECTIONS
    - Structure for delivering software outside the OS
    - Installed under /opt (per the Filesystem Hierarchy Standard)
    - Different filesystem root per application version
    - Activated via script
    - Allows multiple versions installed in parallel
    - Independent lifecycle from RHEL
15 Developer Toolset is a Software Collection
    [diagram: the RHEL x.y system compiler etc. lives under /usr (bin, lib, libc.so); the Developer Toolset compiler etc. lives under /opt/rh/dts-3.x/root/usr (alongside dts-2.x), each with an internal enable script invoked via the scl utility]
    - Special invocation
    - Separate tools, not default
    - Lifecycle independent from RHEL
16 WHAT'S INCLUDED?
17 What's in Developer Toolset v3.1?
    - Core tools: GCC 4.9, Eclipse IDE (Luna), GDB 7.8, binutils
    - Debug & performance tools: SystemTap 2.6, OProfile, Valgrind, Dyninst, strace 4.8, memstomp, dwz-0.11, elfutils, ltrace
    - Software Collections runtime
18 What's in Developer Toolset v3.1? [same component list, with binutils shown as 2.24; colour key: NEW IN DTS3, UPDATED IN 3.1, UNCHANGED IN 3.1]
19 Updated Compiler: GCC 4.9
    - ISO C/C++ standards: C++11 library improved, experimental C++14 support; generic lambdas, var-length arrays & digit separators; C11: atomics, generic selections, thread-local storage
    - OpenMP4 / Cilk+: C and C++ support for OpenMP 4.0; C/C++ language extensions for parallel programming
    - IPA / LTO: interprocedural analysis (IPA) improvements; Link-Time Optimization (LTO) faster, smaller
    - CPU: Intel AVX-512 target architecture support added; Advanced Vector Extensions supported in binutils
20 Eclipse IDE v4.4.0 (Luna) [RHEL 6 and RHEL 7]
21 Developer Toolset Life Cycle: ANNUAL RELEASE DRIVEN BY GCC [timeline labels: GCC, SPRING, SUMMER, TOOLSET]
22 Developer Toolset Life Cycle: annual major, mid-year minor, async updates
    [timeline, first year / second year: v2.0, mid-year v2.1, 2.x critical fixes and security updates, 2.x end of support; v3.0, mid-year v3.1, 3.x critical fixes & security updates, 3.x end of support]
23 Usage
    Subscription, EITHER:
        # rhn-channel --add --channel=rhel-x86_64-workstation-dts-6
        # yum-config-manager --enable rhel-server-dts-6-rpms
    Installation:
        # yum install devtoolset-3
    Usage, EITHER:
        scl enable devtoolset-3 'gcc...'
        Click the Developer Toolset Eclipse 3.x Eclipse icon
    Advanced:
        scl enable devtoolset-3 'bash...'
24 TIP #1 DEVELOPER TOOLSET
25 TIP #2 SANITIZERS
26 AddressSanitizer (asan)

    int main(int argc, char **argv) {
        int stack_array[100];
        stack_array[1] = 0;
        return stack_array[argc + 100];  // out of bounds
    }

    $ gcc -fsanitize=address outofbounds.c -o outofbounds
    $ ./outofbounds
    ==3126== ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff2d3afbc4 at pc 0x bp 0x7fff2d3af9f0 sp 0x7fff2d3af9e0

27 AddressSanitizer (asan) (2)

    $ gcc -fsanitize=address outofbounds.c -o dts-outofbounds
    /opt/rh/devtoolset-3/root/usr/libexec/gcc/x86_64-redhat-linux/4.9.2/ld: cannot find libasan_preinit.o: No such file or directory
    /opt/rh/devtoolset-3/root/usr/libexec/gcc/x86_64-redhat-linux/4.9.2/ld: cannot find -lasan
    collect2: error: ld returned 1 exit status

    - For DTS you'll need to yum install devtoolset-3-libasan-devel
    - Collision between libasan in RHEL and Developer Toolset
    - Resolve by yum remove libasan and then yum install either libasan for RHEL 7 or libasan for DTS3
    - We're looking at a fix for this in a future DTS release
28 ThreadSanitizer (tsan)

    #include <pthread.h>
    #include <stdio.h>

    int Global;  // global variable without any mutex, etc.

    void *Thread1(void *x) {
        Global++;  // unsynchronized write
        return NULL;
    }

    void *Thread2(void *x) {
        Global--;  // unsynchronized write racing with Thread1
        return NULL;
    }

    int main() {
        pthread_t t[2];
        pthread_create(&t[0], NULL, Thread1, NULL);
        pthread_create(&t[1], NULL, Thread2, NULL);
        pthread_join(t[0], NULL);
        pthread_join(t[1], NULL);
    }

29 ThreadSanitizer (tsan) (2)

    $ gcc -fsanitize=thread race.cc -o race
    $ ./race
    WARNING: ThreadSanitizer: data race (pid=12639)

    - For DTS you'll need to yum install devtoolset-3-libtsan-devel
    - Collision between libtsan in RHEL and Developer Toolset
    - Resolve by yum remove libtsan and then yum install either libtsan for RHEL 7 or libtsan for DTS3
    - We're looking at a fix for this in a future DTS release
30 UndefinedBehaviorSanitizer (ubsan)

    #include <stdio.h>
    #include <limits.h>
    volatile int i = 23, j, *n = NULL, iarray[2];
    int main () {
      i <<= 32;              // shift equal to promoted left operand
      i = INT_MIN; j = -i;   // overflow
      iarray[5] = 123;       // out of bounds access
      *n = i;                // store to a NULL pointer
    }

    $ gcc -fsanitize=undefined ub.c -o ub
    $ ./ub
    ub.c:5:5: shift exponent 32 is too large for 32-bit 'int'
    ub.c:6:20: negation of cannot be represented in type 'int [2]'; cast to an unsigned type to negate this value to itself
    ub.c:7:9: index 5 out of bounds for type 'int [2]'
    ub.c:8:6: store to null pointer of type 'volatile int'
31 TIP #3 New language standards: C++11 and C++14
32 C++11

    #include <iostream>

    int main() {
        // lambda function
        auto sum = [](int x, int y) { return x + y; };
        std::cout << sum(12,5) << std::endl;
        std::cout << sum(13,2) << std::endl;
    }

    $ g++ -std=c++11 ./lambda.cc -o lambda
    $ ./lambda
    17
    15

33 C++11 and C++14
    - C++11 feature complete in gcc-4.9 (DTS-3.1)
    - C++14 experimental support since same release
    - C++11 and RHEL/DTS C++98 objects can be mixed
    - C++11 objects need to be rebuilt across major releases of gcc (and hence DTS)
34 TIPS #4-#6 SECURITY, SECURITY, SECURITY
35 TIP #4 SECURITY: ASLR/PIE
36 Address Space Layout Randomization (ASLR)
    - Security mechanism to counter Return Oriented Programming (ROP)
    - ROP attacks exploit existing executable code fragments to perform unintended actions
    - ASLR randomizes the position of binaries, making it much harder to perform these attacks
    - Review against performance cost

37 Position Independent Executables

    #include <stdio.h>

    int main() {
        // prints the low 32 bits of main's address, as in the output below
        printf("Hello PIE! (0x%x)\n", (unsigned int)(unsigned long)&main);
    }

    $ gcc ./pie.c -o pie
    $ ./pie ; ./pie ; ./pie
    Hello PIE! (0x400536)
    Hello PIE! (0x400536)
    Hello PIE! (0x400536)

    $ gcc -fpie -pie ./pie.c -o pie
    $ ./pie ; ./pie ; ./pie
    Hello PIE! (0x6c5d7790)
    Hello PIE! (0x663b3790)
    Hello PIE! (0x1e2e3790)
38 TIP #5 SECURITY: RELRO
39 RELocatable Read-Only (RELRO)
    - Security mechanism to counter attacks against tables of dynamically linked function addresses
    - A couple of variants of RELRO exist (partial and full)
    - Reorders writeable data to follow internal data structures
    - Review against performance cost (moves all dynamic relocation costs to startup)

40 RELRO

    #include <stdio.h>
    #include <stdlib.h>   /* strtol */

    int main (int argc, char *argv[]) {
        /* treat the first argument as a hex address and write to it */
        size_t *p = (size_t *)strtol (argv[1], NULL, 16);
        p[0] = 0xDEADBEEF;
        printf ("RELRO: %p\n", p);
    }

    $ gcc -w -g -Wl,-z,relro,-z,now ./relro.c -o relro
    $ readelf -r ./relro | grep printf
    fd R_X86_64_JUMP_SLO... printf + 0
    $ echo "r fd8" | gdb -q ./relro
    Program received signal SIGSEGV, Segmentation fault.
    0x c0 in main (argc=2, argv=0x7fffffffddf8)
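Added example (not from the original slides): a C checker for the two properties Tips #4 and #5 describe, reporting whether an ELF64 image is position-independent and whether it carries partial or full RELRO. The function names, the struct and the constructed in-memory sample image are assumptions made for this illustration.

```c
/* Added example: PIE / RELRO report for an ELF64 image (little-endian host assumed). */
#include <elf.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum relro_level { RELRO_NONE, RELRO_PARTIAL, RELRO_FULL };

struct hardening {
    int valid;              /* 1 if the image parsed as little-endian ELF64 */
    int pie;                /* 1 if e_type is ET_DYN (PIE; shared objects too) */
    enum relro_level relro;
};

struct hardening inspect_elf64(const unsigned char *img, size_t len)
{
    struct hardening h = { 0, 0, RELRO_NONE };
    Elf64_Ehdr eh;
    int has_relro = 0, bind_now = 0;

    if (len < sizeof eh)
        return h;
    memcpy(&eh, img, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) != 0 ||
        eh.e_ident[EI_CLASS] != ELFCLASS64 ||
        eh.e_ident[EI_DATA] != ELFDATA2LSB ||
        eh.e_phentsize != sizeof(Elf64_Phdr))
        return h;
    /* Reject a program header table that runs past the end of the image. */
    if (eh.e_phoff > len ||
        (uint64_t)eh.e_phnum * sizeof(Elf64_Phdr) > len - eh.e_phoff)
        return h;

    for (unsigned i = 0; i < eh.e_phnum; i++) {
        Elf64_Phdr ph;
        memcpy(&ph, img + eh.e_phoff + (size_t)i * sizeof ph, sizeof ph);
        if (ph.p_type == PT_GNU_RELRO) has_relro = 1;   /* linked with -z relro */
        if (ph.p_type != PT_DYNAMIC)
            continue;
        if (ph.p_offset > len || ph.p_filesz > len - ph.p_offset)
            return h;                           /* truncated dynamic section */
        for (uint64_t off = 0; off + sizeof(Elf64_Dyn) <= ph.p_filesz;
             off += sizeof(Elf64_Dyn)) {
            Elf64_Dyn d;
            memcpy(&d, img + ph.p_offset + off, sizeof d);
            if (d.d_tag == DT_NULL) break;
            /* -z now shows up as DT_BIND_NOW, DF_BIND_NOW or DF_1_NOW. */
            if (d.d_tag == DT_BIND_NOW ||
                (d.d_tag == DT_FLAGS && (d.d_un.d_val & DF_BIND_NOW)) ||
                (d.d_tag == DT_FLAGS_1 && (d.d_un.d_val & DF_1_NOW)))
                bind_now = 1;
        }
    }
    h.valid = 1;
    h.pie = (eh.e_type == ET_DYN);
    /* Eager binding without a PT_GNU_RELRO segment leaves the GOT writable. */
    h.relro = !has_relro ? RELRO_NONE : bind_now ? RELRO_FULL : RELRO_PARTIAL;
    return h;
}

/* Constructed sample: ELF header, two program headers, two dynamic entries. */
size_t build_sample(unsigned char *buf, size_t cap, uint16_t e_type,
                    int relro, int now)
{
    Elf64_Ehdr eh = { .e_type = e_type, .e_phoff = sizeof(Elf64_Ehdr),
                      .e_phentsize = sizeof(Elf64_Phdr), .e_phnum = 2 };
    Elf64_Phdr ph[2] = {
        { .p_type = relro ? PT_GNU_RELRO : PT_NOTE },
        { .p_type = PT_DYNAMIC, .p_offset = sizeof eh + sizeof(Elf64_Phdr[2]),
          .p_filesz = sizeof(Elf64_Dyn[2]) },
    };
    Elf64_Dyn dyn[2] = {
        { .d_tag = now ? DT_FLAGS : DT_DEBUG, .d_un.d_val = now ? DF_BIND_NOW : 0 },
        { .d_tag = DT_NULL },
    };
    size_t total = sizeof eh + sizeof ph + sizeof dyn;

    if (cap < total)
        return 0;
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64;
    eh.e_ident[EI_DATA] = ELFDATA2LSB;
    memcpy(buf, &eh, sizeof eh);
    memcpy(buf + sizeof eh, ph, sizeof ph);
    memcpy(buf + sizeof eh + sizeof ph, dyn, sizeof dyn);
    return total;
}

int main(void)
{
    static const char *names[] = { "none", "partial", "full" };
    unsigned char img[512];
    size_t n = build_sample(img, sizeof img, ET_DYN, 1, 1);
    struct hardening h = inspect_elf64(img, n);
    printf("valid=%d pie=%d relro=%s\n", h.valid, h.pie, names[h.relro]);
    return 0;
}
```

To audit a real build, read the file into a buffer and pass it to inspect_elf64(); a binary built with the slide's -fpie -pie and -Wl,-z,relro,-z,now flags should report pie=1 and relro=full.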
41 TIP #6 SECURITY: MEMSTOMP
42 memcpy() calls with overlapping arguments

    #include <string.h>

    int main() {
        char src[] = "text-to-copy";
        char *dest = src + 2;
        // call memcpy() with overlapping args
        memcpy((void*)dest, (void*)src, 3);
        return 0;
    }

    [mattn@rhel]$ gcc memcpy_bad.c -o memcpy_bad
    [mattn@rhel]$ ./memcpy_bad
    Segmentation fault (core dumped)

43 memstomp to the rescue!

    $ memstomp ./memcpy_bad
    memstomp: successfully initialized for process memcpy_bad (pid 28195).
    memcpy(dest=0x7fff103cc1c2, src=0x7fff103cc1c0, bytes=3) overlap for memcpy_bad(28195)
            /.../libmemstomp.so(+0x10a7) [0x7fdb4760a0a7]
            ./memcpy_bad(main+0x45) [0x400795]
            /lib64/libc.so.6(__libc_start_main+0xfd) [0x357fe1ed1d]
            ./memcpy_bad() [0x400669]

    - Indicates overlapping arguments to memcpy()
    - ...but also indicates where that call occurs

44 memcpy() calls with overlapping arguments fixed

    #include <string.h>

    int main() {
        char src[] = "text-to-copy";
        char *dest = src + 5;
        // no longer overlaps
        memcpy((void*)dest, (void*)src, 3);
        return 0;
    }

    [mattn@rhel]$ gcc memcpy_fixed.c -o memcpy_fixed
    [mattn@rhel]$ ./memcpy_fixed
    [mattn@rhel]$ memstomp ./memcpy_fixed
    memstomp: successfully initialized for process memcpy_fixed (pid 31322).

45 Fixing memcpy() calls
    - The best way: fix memcpy() calls
    - Alternative: replace memcpy() with memmove()
46 TIP #7 CONTAINERS
47 TIP #8 OVERFLOW BUILTINS
48 Overflow checking builtins

    // requires gcc5 or later
    #include <stdio.h>

    int main() {
        signed char c1 = 125, res = 0;
        // returns true when the addition does not fit in the type of c1
        while (!__builtin_add_overflow(c1, (signed char)1, &c1)) {
            printf("%d: ok\n", c1);
        }
        printf("%d: overflow!\n", c1);
    }

    $ gcc ./overflow.c -o overflow
    $ ./overflow
    126: ok
    127: ok
    -128: overflow!

49 Overflow checking builtins (2)
    - GCC5 only
    - Stay tuned for a future Developer Toolset release...
    - Variants for different arithmetic operators / types
    - No special compilation required
    - Experiment with GCC5 in a Docker container:

        # docker pull fedora
        # docker run -i -t fedora 'bash'   # enter shell
        # yum install gcc
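Added example (not from the original slides): the "variants for different arithmetic operators / types" applied to the place they matter most for security, sizing an allocation from an untrusted element count and range-checking a narrowing store. All function names and the constructed input values are assumptions for this illustration; it needs GCC 5 or later, as the slide notes.

```c
/* Added example: checked size arithmetic with the GCC 5+ overflow builtins. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Naive size computation: wraps silently for a large count. */
size_t unchecked_alloc_size(size_t header, size_t count, size_t elem_size)
{
    return header + count * elem_size;
}

/* Checked version: returns 0 and stores the size, or -1 if any step wrapped. */
int checked_alloc_size(size_t header, size_t count, size_t elem_size, size_t *out)
{
    size_t body;

    if (__builtin_mul_overflow(count, elem_size, &body))
        return -1;
    if (__builtin_add_overflow(header, body, out))
        return -1;
    return 0;
}

/* Allocate header + count elements, refusing requests whose size wraps. */
void *alloc_table(size_t header, size_t count, size_t elem_size)
{
    size_t bytes;

    if (checked_alloc_size(header, count, elem_size, &bytes) != 0)
        return NULL;
    return calloc(1, bytes);
}

/* The builtins check against the type of the result pointer, so adding 0
 * is a range check when narrowing, e.g. a parsed length into a 16-bit field. */
int checked_narrow_u16(long long value, uint16_t *out)
{
    return __builtin_add_overflow(value, 0, out) ? -1 : 0;
}

int main(void)
{
    size_t huge = SIZE_MAX / 32 + 2;   /* constructed hostile element count */
    size_t bytes = 0;
    uint16_t field = 0;

    printf("unchecked: %zu bytes\n", unchecked_alloc_size(16, huge, 32));
    printf("checked:   %d\n", checked_alloc_size(16, huge, 32, &bytes));
    printf("narrow 65536 -> %d\n", checked_narrow_u16(65536, &field));
    return 0;
}
```

With the constructed count, the unchecked computation wraps to a 48-byte request that a caller would then index far past, while the checked path refuses the allocation.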
50 TIP #9 PERF & DEBUG TOOLS
51 Performance Analysis and Debugging Tools
    - Debugger: underused, powerful tool
    - SystemTap: live application analysis without rebuilds
    - PAPI: programmer interface to perf. counter hardware
    - OProfile: unobtrusive, system-wide code profiler
    - Valgrind: runtime analysis (particularly memory)
52 TIP #10 CONTRIBUTE BACK
53 Contribute back!
    - Raise bugs
    - Contribute to community discussions
    - Contribute patches and new features
    - Pay it forwards: release software under open source licenses
    - The whole community benefits
54 ACCESSING DEVELOPER TOOLSET
55 Access and Installation
    1. Access a subscription that includes Red Hat Software Collections
56 How does one access Red Hat Software Collections? Red Hat Developer Toolset (March 2014)
    [table: support levels STANDARD and PREMIUM; subscriptions listed: RED HAT ENTERPRISE LINUX DEVELOPER WORKSTATION, RED HAT ENTERPRISE LINUX WORKSTATION, RED HAT ENTERPRISE LINUX SERVER, RED HAT ENTERPRISE LINUX DEVELOPER SUBSCRIPTIONS, RED HAT ENTERPRISE LINUX ACADEMIC SITE SUBSCRIPTIONS (Available Only Self Support), RED HAT ENTERPRISE LINUX DEVELOPER SUITE (Available Only Self Support)]
57 Access and Installation
    1. Access a subscription that includes Red Hat Software Collections
    2. If using Satellite, generate a new certificate
    3. Register your RHEL system
    4. Attach a subscription
    5. Add the channel [refer to release notes: red.ht/devtoolset]
    6. yum install devtoolset-3
58 Red Hat Software Collections
    Delivers the latest stable versions of dynamic languages, web servers and open source databases
    KEY BENEFITS
    - More up-to-date versions of languages and databases than offered with Red Hat Enterprise Linux
    - Choose the runtime versions best suited for your projects
    - Preserve application stability with side-by-side versioning
    - Red Hat Support for 2 or 3 years
59 Links Developer Program Developer Toolset Documentation This talk: bit.ly/dtstalks
60 Contacts
    - General questions, thoughts, etc.: Red Hat Developer Toolset / Software Collections Product Manager Brian Gollaher (bgollahe@redhat.com)
    - Engineering Leads: DTS: Martha Benitez (mbenitez@redhat.com); RHSCL: Joe Orton (jorton@redhat.com)
61 YOUR QUESTIONS
62 THANK-YOU
More informationCS 3305 Intro to Threads. Lecture 6
CS 3305 Intro to Threads Lecture 6 Introduction Multiple applications run concurrently! This means that there are multiple processes running on a computer Introduction Applications often need to perform
More informationExercise Session 2 Simon Gerber
Exercise Session 2 Simon Gerber CASP 2014 Exercise 2: Binary search tree Implement and test a binary search tree in C: Implement key insert() and lookup() functions Implement as C module: bst.c, bst.h
More informationThe first Secure Programming Laboratory will be today! 3pm-6pm in Forrest Hill labs 1.B31, 1.B32.
Lab session this afternoon Memory corruption attacks Secure Programming Lecture 6: Memory Corruption IV (Countermeasures) David Aspinall, Informatics @ Edinburgh 2nd February 2016 The first Secure Programming
More informationCS 392/681 Lab 6 Experiencing Buffer Overflows and Format String Vulnerabilities
CS 392/681 Lab 6 Experiencing Buffer Overflows and Format String Vulnerabilities Given: November 13, 2003 Due: November 20, 2003 1 Motivation Buffer overflows and format string vulnerabilities are widespread
More informationHigh-performance computing and programming Intro to C on Unix/Linux. Uppsala universitet
High-performance computing and programming Intro to C on Unix/Linux IT Uppsala universitet What is C? An old imperative language that remains rooted close to the hardware C is relatively small and easy
More informationUniversità Ca Foscari Venezia
Stack Overflow Security 1 2018-19 Università Ca Foscari Venezia www.dais.unive.it/~focardi secgroup.dais.unive.it Introduction Buffer overflow is due to careless programming in unsafe languages like C
More informationSystems Programming and Computer Architecture ( )
Systems Group Department of Computer Science ETH Zürich Systems Programming and Computer Architecture (252-0061-00) Timothy Roscoe Herbstsemester 2016 1 4: Pointers Computer Architecture and Systems Programming
More informationSaint Louis University. Intro to Linux and C. CSCI 2400/ ECE 3217: Computer Architecture. Instructors: David Ferry
Intro to Linux and C CSCI 2400/ ECE 3217: Computer Architecture Instructors: David Ferry 1 Overview Linux C Hello program in C Compiling 2 History of Linux Way back in the day: Bell Labs Unix Widely available
More informationDownload, Install and Setup the Linux Development Workload Create a New Linux Project Configure a Linux Project Configure a Linux CMake Project
Table of Contents Download, Install and Setup the Linux Development Workload Create a New Linux Project Configure a Linux Project Configure a Linux CMake Project Connect to Your Remote Linux Computer Deploy,
More informationWIND RIVER DIAB COMPILER
AN INTEL COMPANY WIND RIVER DIAB COMPILER Boost application performance, reduce memory footprint, and produce high-quality, standards-compliant object code for embedded systems with Wind River Diab Compiler.
More informationsyscall_intercept A user space library for intercepting system calls Author Name, Company Krzysztof Czuryło, Intel
Talk syscall_intercept Title Here A user space library for intercepting system calls Author Name, Company Krzysztof Czuryło, Intel What it is? Provides a low-level interface for hooking Linux system calls
More informationC++ Undefined Behavior
C++ Undefined Behavior What is it, and why should I care? A presentation originally by Marshal Clow Original: https://www.youtube.com/watch?v=uhclkb1vkay Original Slides: https://github.com/boostcon/cppnow_presentations_2014/blob/master/files/undefined-behavior.pdf
More informationSecure Programming Lecture 6: Memory Corruption IV (Countermeasures)
Secure Programming Lecture 6: Memory Corruption IV (Countermeasures) David Aspinall, Informatics @ Edinburgh 2nd February 2016 Outline Announcement Recap Containment and curtailment Tamper detection Memory
More informationMaking things work as expected
Making things work as expected System Programming Lab Maksym Planeta Björn Döbel 20.09.2018 Table of Contents Introduction Hands-on Tracing made easy Dynamic intervention Compiler-based helpers The GNU
More informationSecure Programming Lecture 5: Memory Corruption III (Countermeasures)
Secure Programming Lecture 5: Memory Corruption III (Countermeasures) David Aspinall, Informatics @ Edinburgh 1st February 2018 Memory corruption recap Buffer overflow is still one of the most common vulnerabilities
More informationPraktische Aspekte der Informatik
Praktische Aspekte der Informatik Moritz Mühlhausen Prof. Marcus Magnor Optimization valgrind, gprof, and callgrind Further Reading Warning! The following slides are meant to give you a very superficial
More informationCS165 Computer Security. Understanding low-level program execution Oct 1 st, 2015
CS165 Computer Security Understanding low-level program execution Oct 1 st, 2015 A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns
More informationBuffer overflow risks have been known for over 30 years. Is it still a problem? Try searching at to see.
Memory corruption recap Other memory corruption errors Secure Programming Lecture 5: Memory Corruption III (Countermeasures) David Aspinall, Informatics @ Edinburgh 1st February 2018 Buffer overflow is
More informationFreescale Semiconductor gcc linaro toolchain, Rev
ABOUT GCC LINARO 4.6.2 MULTILIB TOOLCHAIN 1 What s new... 2 2 What s inside... 2 3 How to use... 3 3.1 gcc... 3 3.2 Application debug tools... 5 4 Appendix... 6 4.1 Toolchain test result... 6 4.1.1 Test
More informationMemory Corruption 101 From Primitives to Exploit
Memory Corruption 101 From Primitives to Exploit Created by Nick Walker @ MWR Infosecurity / @tel0seh What is it? A result of Undefined Behaviour Undefined Behaviour A result of executing computer code
More informationECE 250 / CS 250 Computer Architecture. C to Binary: Memory & Data Representations. Benjamin Lee
ECE 250 / CS 250 Computer Architecture C to Binary: Memory & Data Representations Benjamin Lee Slides based on those from Alvin Lebeck, Daniel Sorin, Andrew Hilton, Amir Roth, Gershon Kedem Administrivia
More informationTI2725-C, C programming lab, course
Valgrind tutorial Valgrind is a tool which can find memory leaks in your programs, such as buffer overflows and bad memory management. This document will show per example how Valgrind responds to buggy
More informationIdentifying Memory Corruption Bugs with Compiler Instrumentations. 이병영 ( 조지아공과대학교
Identifying Memory Corruption Bugs with Compiler Instrumentations 이병영 ( 조지아공과대학교 ) blee@gatech.edu @POC2014 How to find bugs Source code auditing Fuzzing Source Code Auditing Focusing on specific vulnerability
More information