Re: free software which can detect array out of bounds in linux



On Feb 23, 2:25 pm, Måns Rullgård <m...@xxxxxxxxx> wrote:

If valgrind can't spot the error, neither will dmalloc. Both tools
are malloc debuggers, and will not catch buffer overflows on the
stack.


From Valgrind site: "Unfortunately, Memcheck doesn't do bounds
checking on static or stack arrays. We'd like to, but it's just not
possible to do in a reasonable way that fits with how Memcheck works.
Sorry."

http://valgrind.org/docs/manual/faq.html#faq.overruns

That's a pretty big hole for Valgrind, which otherwise IMHO is a great
product.

Ivan Novick
http://www.0x4849.net
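To make the gap concrete, here is an added example (not code from the original post or from the Valgrind project) of the kind of stack-array overrun Memcheck cannot see, next to a bounds-checked version of the same routine. The function names, the 16-byte buffer and the sample input are all constructed for illustration. Building the vulnerable path with AddressSanitizer (GCC or Clang `-fsanitize=address`) reports a stack-buffer-overflow at the first out-of-bounds write, because ASan puts instrumented redzones around each stack array, which is exactly the bookkeeping Memcheck's addressability model does not do.

```c
/* Added example, not from the original post or from Valgrind.
 * Stack-array overrun that Memcheck does not flag, plus a hardened version.
 *
 *   gcc -g -O0 -o overrun overrun.c && valgrind ./overrun 32   # no error reported
 *   gcc -g -O0 -fsanitize=address -o overrun overrun.c && ./overrun 32
 *                                                    # ASan: stack-buffer-overflow
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUF 16   /* assumed fixed-size stack buffer for the demo */

/* Vulnerable: copies len bytes into a 16-byte stack buffer with no check.
 * With len > BUF the first loop writes past buf[]. The bytes it clobbers are
 * still addressable stack memory, so Memcheck stays silent; AddressSanitizer
 * aborts on the first out-of-bounds byte. */
unsigned char checksum_unchecked(const unsigned char *src, size_t len)
{
    unsigned char buf[BUF];
    unsigned char sum = 0;
    for (size_t i = 0; i < len; i++)
        buf[i] = src[i];                 /* overrun when len > BUF */
    for (size_t i = 0; i < len && i < BUF; i++)
        sum ^= buf[i];
    return sum;
}

/* Hardened: refuses input that does not fit and reports that via the
 * return value instead of overrunning. Returns 0 on success, -1 on reject. */
int checksum_checked(const unsigned char *src, size_t len, unsigned char *out)
{
    unsigned char buf[BUF];
    unsigned char sum = 0;
    if (len > sizeof buf)
        return -1;                       /* bounds check the unchecked version lacks */
    memcpy(buf, src, len);
    for (size_t i = 0; i < len; i++)
        sum ^= buf[i];
    *out = sum;
    return 0;
}

int main(int argc, char **argv)
{
    /* Constructed sample input: 32 bytes of 0x41, twice the buffer size.
     * Pass a length on the command line; anything above 16 overruns. */
    unsigned char sample[32];
    memset(sample, 0x41, sizeof sample);
    size_t len = argc > 1 ? (size_t)strtoul(argv[1], NULL, 10) : BUF;
    if (len > sizeof sample)
        len = sizeof sample;

    unsigned char s = 0;
    if (checksum_checked(sample, len, &s) == 0)
        printf("checked:   sum=0x%02x\n", s);
    else
        printf("checked:   rejected len=%zu (buffer is %d bytes)\n", len, BUF);

    /* Reached only after the checked version has already refused the input. */
    printf("unchecked: sum=0x%02x\n", checksum_unchecked(sample, len));
    return 0;
}
```

Note that `-fstack-protector` is not a substitute here: the canary only trips when the overrun reaches the saved frame data and only when the function returns, so a short overrun into a neighbouring local goes unnoticed, while ASan reports the first byte written past the array.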



