FOSDEM did not disappoint me at all – quite the contrary.
There were many interesting things, and the talk I liked the most was about valgrind. The very obvious idea after it was “why not develop a security scanner on top of valgrind?”. Valgrind is a framework for developing simulation-based tools, and MemCheck is just one of them. Valgrind handles the most tedious and demanding part of the job – simulating the processor instructions. It also handles the operating system calls, signals, and the rest, so the developer of a security scanner would be able to concentrate on the essential things.
Just an idea…
A nice dynamic graph: relation browser.
Something similar could be used in IDA Pro for inter-function navigation. The graph nodes would be functions and static data variables, the edges would represent function calls and data accesses…
Textbooks on software engineering prescribe checking preconditions at the beginning of a function. This is a really good idea: the sooner we detect that the input data or environment does not match our expectations, the easier it is to trace and debug the application. A nice function with precondition checking refuses to “work” if the preconditions are not satisfied.
Each year in Brussels, Belgium there is a conference called FOSDEM. It is organized on the last weekend of February. There seem to be some interesting talks about security and program development this year. The development track is almost fully dedicated to various CVSes. The choice of CVS is an object of faith, like the choice of editor, so it doesn’t hurt to go and see what others use…
I’ll also attend the talk about valgrind by Julian Seward. I loved the tool from the first time I used it.
See you there
I realized that it is quite easy to make FindCrypt work with big endian programs. For that we just need to know the size of each constant array element and byte-swap the elements if required. So here is the second version of FindCrypt. It introduces the following improvements:
- it works with both little and big endian programs
- it knows how to reuse old slots in the bookmarks if run repeatedly
- it is fully automatic and scans each newly created database; manual scan is still available
Future possible improvement: a tool which would extract constant arrays from the source code of any project. This tool can be written in perl or python and will be quite simple (we only have to handle constant array definitions in C). A more sophisticated tool could also take care of type definitions like “typedef long LONG”…
For your convenience, here are links to both versions: findcrypt.zip and findcrypt2.zip
Compare them to see the differences, there aren’t many!
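The endianness trick above, as an added stand-alone example (not FindCrypt’s own code): each known constant array is stored with its element size, the byte pattern is rendered for both byte orders, and a buffer is searched for both. The SHA-256 initial hash values are the real constants; the sample buffer and the function names are constructed for the example.

```python
import struct

# Real constants: SHA-256 initial hash values H0..H7 (32-bit elements).
SHA256_H0 = (0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a,
             0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19)

# name -> (element size in bytes, values). Element size is what makes
# the byte-swap possible; a flat byte string alone would not be enough.
KNOWN_ARRAYS = {"SHA256_H0": (4, SHA256_H0)}

_FMT = {1: "B", 2: "H", 4: "I", 8: "Q"}


def pattern(values, elem_size, big_endian):
    """Render a constant array as the bytes it occupies in a binary."""
    fmt = (">" if big_endian else "<") + _FMT[elem_size]
    return b"".join(struct.pack(fmt, v) for v in values)


def find_constants(blob, known=KNOWN_ARRAYS):
    """Return (name, offset, byte order) for every known array in blob."""
    hits = []
    for name, (elem_size, values) in known.items():
        # Byte arrays look the same in both orders: search them once.
        orders = (False,) if elem_size == 1 else (False, True)
        for big_endian in orders:
            pat = pattern(values, elem_size, big_endian)
            off = blob.find(pat)
            while off != -1:
                hits.append((name, off, "BE" if big_endian else "LE"))
                off = blob.find(pat, off + 1)
    return hits


# Constructed sample: padding around a big-endian copy of the table.
SAMPLE = b"\x00" * 7 + pattern(SHA256_H0, 4, True) + b"\xff" * 5

if __name__ == "__main__":
    for name, off, order in find_constants(SAMPLE):
        print(f"{name} found at offset {off} ({order})")
```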