Was first time, trying to debug a memory corruption(in Linux) happening in the code written by me :).
From some time, have been seeing it happening in some scenarios, but was continuing with the development as I was not in mood then to debug it.
But, certainly, it would never get fixed by itself, so had started trying to debug the issue.
Used various means, reviewed most of the code and found some places which might cause a corruption. But none fixed the issue I was seeing.
Then, used Valgrind, it provided very useful insights, and fixed some more places where it showed possible trouble. But, still the original issue was still there.
Finally, today found this wonderful compilation option provided by gcc (-fstack-protector-all).
It is basically called "Stack-Smashing Protector(ProPolice)"
This option, when enabled, adds some additional security(checks) to all functions and provides buffer overflow protection.
When ever, inside a function, it sees the buffer overflow, it immediately sends a SIGABRT signal to the process.
So, using gdb, you immediately catch the signal and get the call stack and easily know the function where this overflow is happening and fix it.
Probably, it is not a bad idea to just run the binary with this option enabled atleast once b4 the final release, even if u do not see a crash, just to make sure, it doesn't crash in some particular environments.
Valgrind and -fstack-protector-all are Super :).
From some time, have been seeing it happening in some scenarios, but was continuing with the development as I was not in mood then to debug it.
But, certainly, it would never get fixed by itself, so had started trying to debug the issue.
Used various means, reviewed most of the code and found some places which might cause a corruption. But none fixed the issue I was seeing.
Then, used Valgrind, it provided very useful insights, and fixed some more places where it showed possible trouble. But, still the original issue was still there.
Finally, today found this wonderful compilation option provided by gcc (-fstack-protector-all).
It is basically called "Stack-Smashing Protector(ProPolice)"
This option, when enabled, adds some additional security(checks) to all functions and provides buffer overflow protection.
When ever, inside a function, it sees the buffer overflow, it immediately sends a SIGABRT signal to the process.
So, using gdb, you immediately catch the signal and get the call stack and easily know the function where this overflow is happening and fix it.
Probably, it is not a bad idea to just run the binary with this option enabled atleast once b4 the final release, even if u do not see a crash, just to make sure, it doesn't crash in some particular environments.
Valgrind and -fstack-protector-all are Super :).
No comments:
Post a Comment