Focus on Heap Memory Errors,Buffer overflow c,char c malloc 100 a. c 100 a 0 99,Dangling reference,char p1 malloc 100. char p2 p1 x, Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 2. Approaches to Memory Corruptions,Rewrite in a safe language. Static analysis safe subset of C or C,SAFECode Adve PREfix SAL etc. Runtime detection fail fast,Jones Lin CRED Lam CCured Necula etc. Tolerate Corruption and Continue,Failure oblivious Rinard unsound. Rx Boundless Memory Blocks ECC memory,DieHard Exterminator Samurai. Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 3. Fault Tolerance and Platforms,Platforms necessary in computing ecosystem. Extensible frameworks provide lattice for 3rd parties. Tremendously successful business model,Examples Window iPod browser etc. Platform power derives from extensibility,Tension between isolation for fault tolerance. integration for functionality,Platform only as reliable as weakest plug in. Tolerating bad plug ins necessary by design, Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 4. Research Vision,Increase robustness of installed code base. Potentially improve millions of lines of code,Minimize effort ideally no source mods no. recompilation,Reduce requirement to patch,Patches are expensive detect write deploy. Patches may introduce new errors,Enable trading resources for robustness. E g more memory implies higher reliability, Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 5. Motivation,Exterminator,Collaboration with Emery Berger Gene Novark. Automatically corrects memory errors,Suitable for large scale deployment. Critical Memory Samurai, Collaboration with Karthik Pattabiraman Vinod Grover. New memory semantics,Source changes to explicitly identify and protect. critical data,Conclusion, Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 6. DieHard Allocator in a Nutshell,With Emery Berger PLDI 06. Existing heaps are packed Normal Heap,tightly to minimize space. Tight packing increases,likelihood of corruption,Predictable layout is easier for. attacker to exploit,Randomize and overprovision DieHard Heap. Expansion factor determines how,much empty space,Does not change semantics. Replication increases benefits,Enables analytic reasoning. Tolerating and Correcting Memory Errors in,Ben Zorn Microsoft Research C and C 7. DieHard in Practice,DieHard non replicated,Windows Linux version implemented by Emery Berger. Try it right now http www diehard software org,Adaptive automatically sizes heap. Mechanism automatically redirects malloc calls to DieHard DLL. Application Firefox Mozilla, Known buffer in version 1 7 3 overflow crashes browser. Experience,Usable in practice no perceived slowdown. Roughly doubles memory consumption with 2x expansion. FireFox 20 3 Mbytes vs 44 3 Mbytes with DieHard, Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 8. DieHard Caveats,Primary focus is on protecting heap. Techniques applicable to stack data but requires,recompilation and format changes. Trades space processors for memory safety, Not applicable to applications with large footprint. Applicability to server apps likely to increase,In replicated mode DieHard requires determinism. Replicas see same input shared state etc,DieHard is a brute force approach. Improvements possible efficiency safety coverage etc. Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 9. Exterminator Motivation,DieHard limitations, Tolerates errors probabilistically doesn t fix them. Memory and CPU overhead,Provides no information about source of errors. Ideal solution addresses the limitations, Program automatically detects and fixes memory errors. Corrected program has no memory CPU overhead, Sources of errors are pinpointed easier for human to fix. Exterminator correcting allocator,Joint work with Emery Berger Gene Novark. Plan isolate patch bugs while tolerating them, Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 10. Exterminator Components,Architecture of Exterminator dictated by solving. specific problems,How to detect heap corruptions effectively. DieFast allocator,How to isolate the cause of a heap corruption. Heap differencing algorithms,How to automatically fix buggy C code without. breaking it,Correcting allocator hot allocator patches. Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 11. DieFast Allocator,Randomized over provisioned heap. Canary random bit pattern fixed at startup 100101011110. Leverage extra free space by inserting canaries,Inserting canaries. Initialization all cells have canaries,On allocation no new canaries. On free put canary in the freed object with prob P. Checking canaries,On allocation check cell returned. On free check adjacent cells, Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 12. Installing and Checking Canaries,Initially heap full of canaries. Allocate Allocate,Install canaries,Check canary Check canary. with probability P,Tolerating and Correcting Memory Errors in. Ben Zorn Microsoft Research C and C 13,Heap Differencing. Run program multiple times with different randomized. If detect canary corruption dump contents of heap, Identify objects across runs using allocation order. Insight Relation between corruption and object,causing corruption is invariant across heaps. Detect invariant across random heaps,More heaps higher confidence of invariant. Ben Zorn Microsoft Research Tolerating and Correcting Memory Errors in C and C 14. Attributing Buffer Overflows,delta is constant but unknown. Which object caused,Now only 2 candidates Run 3,One candidate. Precision increases exponentially with number of runs. Tolerating and Correcting Memory Errors in,Ben Zorn Microsoft Research C and C 15.
Attachments: Presentation to City of Langford.doc I understand from you that the Association should not be making a verbal presentation to the Administration and Finance Committee, but that a written presentation could be included in the package made available to its members, and that it would also be taken into account
An examination of te global investment management industry 6 While there is a global movement to adopt Blockchain-operated investment management solutions, this is still not widely adopted in South Africa. While the South African government does not view Bitcoin (which was the starting point of Blockchain technology) as a legal form of
with a radial artery compression device called the Terumo (TR) Band (a dual compression balloon device) and 300 patients were treated with a chitosan-based pad (a carbohydrate derivative chitin). Their study found a significant difference in compression time and lower rates of radial artery occlusion favoring the chitosan-based pad . A ...
project is in the planning phase or the potential for development is high. Specific sites are selected in considera- tion of their development potential and the existence of current development plans. This research suggests mul- tiple planning and design strategies for adaptation suitable for each of these target regions: multi-tiered terraces
SuperWash Laundry merupakan laundry low cost pertama dan terbesar di Indonesia. Hanya dengan paket investasi yang rendah sudah bisa membuka usaha franchise laundry Tim Profesional dan Terlatih SuperWash Laundry mempunyai tim support dan manajemen yang profesional dan tentunya sudah terlatih di bidangnya, sehingga
Installation of Domain Controller on Server 2019 As Microsoft has release new Windows Server 2019 with more enhanced features and security related stuff. We have preview editions available to take a look and drive it to look more in depth. Domain Controller has been installed on Windows Server 2019, you can download a separate
agreed to share the kingship of Thebes, ruling in alternate years. However, after Eteocles had served his first term as king, he refused to relinquish the throne to Polyneices, claiming that Polyneices was unfit to rule. Polyneices then enlisted an army from Argos, a long-standing enemy of Thebes, to fight his brother. In the course of battle,
Physical Therapy Department for Musculoskeletal Disorder and Its Surgery Master Degree 2002 Author : Aliaa Mohammed Rehan. Title : Effects of early closed kinetic chain exercises on the rate of callus formation dyring distraction osteogenesis by ilizarov's method.
About This Presentation There have been many great texts authored on the subject of Servant-Leadership. Herein, I attempted to compile the insights of some of these experts, extract the most relevant material for this audience and present