call dwerd ptr [6c756973]

Friday, July 21, 2006

I've been working on the static analysis code for BlackHat using TDD and C#. I started emulating the stack as part of a customer test that related to tracking tainted values. The customer test involves dereferencing argv, which is user supplied and tainted.

I have been using a type AbstractValue consisting of a Byte[] for storage. Now I need to also hold a taint property (Boolean) for each cell in the buffer representing argv. I changed the storage to an array of AbstractValues. It compiled, but trying to run it killed SharpDevelop and nunit-gui. It turned out to be a stack overflow caused by recursion in the constructor.

I have the feeling I'm doing too much with this type: storing values, pointer representation, and buffer emulation.

Subclasses seem like the next step, but then several places in the code would have to check to see what type something is before dealing with it. Matt would probably know what to do, but he can't give me any concrete direction.

I'll call him later and make another post about his thoughts and the solution (if I come up with one).
