Building Superior Embedded Systems
Dynamic program analysis is the analysis of a software system that involves the execution of the software (usually with additional instrumentation added into the program)
Static analysis involves analyzing a program without running it. Static analysis tools are useful for identifying problematic and confusing uses of a given programming language.
Memory scribbling is when you initialize sections of memory to a particular value to ensure correct operations are happening. This is used to catch problems like use after free, use without initialization, and buffer overflows.
gdb (the GNU Debugger) is a widely-used cross-platform debugging tool designed to work with the GNU toolchain.
Collectively, “sanitizers” refers to the Google Sanitizer libraries (and similar implementations), such as AddressSanitizer (ASan), MemorySanitizer (MSan), ThreadSanitizer (TSan), Leak Sanitizer (LSan), and Undefined Behavior Sanitizer (UBSan).
Stack Smashing Protection (SSP) is a defensive technique used to detect when a stack overflow has occurred and halt the program. SSP is primarily used to prevent malicious actors from exploiting stack overflow conditions in a program.
A buffer overflow (or buffer overrun) is an error that occurs when a program writes data to a buffer while overrunning that buffer’s boundary.
A stack overflow or stack buffer overflow occurs when a program writes to a memory address on the call stack which is outside of the current function’s stack frame.
A linker map is a file produced by the linker. The file shows the symbols and sections contained in a binary. The linker also provides the memory address and size for each symbol.
The process of identifying and resolving defects or errors within a computer program.