Abstract
This article is the most complete collection of examples of 64-bit errors in the C and C++ languages. The article is intended for Windows-application developers who use Visual C++, however, it will be useful for other programmers as well. Introduction
Our company OOO "Program Verification Systems" develops a special static analyzer Viva64 that detects 64-bit errors in the code of C/C++ applications. During this development process we constantly enlarge our collection of examples of 64-bit defects, so we decided to gather the most interesting ones in this article. Here you will find examples both taken directly from the code of real applications and composed synthetically relying on real code since such errors are too "extended" throughout the native code. The article only demonstrates various types of 64-bit errors and does not describe methods of detecting and preventing them. If you want to know how to diagnose and fix defects in 64-bit programs, please see the following sources:
You may also try the demo version of the PVS-Studio tool that includes the Viva64 static code analyzer which detects almost all the errors described in this article. The demo version of the tool can be downloaded here: http://www.viva64.com/pvs-studio/download/. Example 1. Buffer overflowstruct STRUCT_1
{
int *a;
};struct STRUCT_2
{
int x;
};
...
STRUCT_1 Abcd;
STRUCT_2 Qwer;
memset(&Abcd, 0, sizeof(Abcd));
memset(&Qwer, 0, sizeof(Abcd)); In this program, two objects of the STRUCT_1 and STRUCT_2 types are defined which must be zeroed (all the fields must be initialized with nulls) before being used. While implementing the initialization, the programmer decided to copy a similar line and replaced "&Abcd" with "&Qwer" in it. But he forgot to replace "sizeof(Abcd)" with "sizeof(Qwer)". Due to mere luck, the sizes of the STRUCT_1 and STRUCT_2 structures coincided on a 32-bit system and the code has been working correctly for a long time. Read more: Intel
This article is the most complete collection of examples of 64-bit errors in the C and C++ languages. The article is intended for Windows-application developers who use Visual C++, however, it will be useful for other programmers as well. Introduction
Our company OOO "Program Verification Systems" develops a special static analyzer Viva64 that detects 64-bit errors in the code of C/C++ applications. During this development process we constantly enlarge our collection of examples of 64-bit defects, so we decided to gather the most interesting ones in this article. Here you will find examples both taken directly from the code of real applications and composed synthetically relying on real code since such errors are too "extended" throughout the native code. The article only demonstrates various types of 64-bit errors and does not describe methods of detecting and preventing them. If you want to know how to diagnose and fix defects in 64-bit programs, please see the following sources:
- Lessons on development of 64-bit C/C++ applications [1];
- About size_t and ptrdiff_t [2];
- 20 issues of porting C++ code on the 64-bit platform [3];
- PVS-Studio Tutorial [4];
- A 64-bit horse that can count [5].
You may also try the demo version of the PVS-Studio tool that includes the Viva64 static code analyzer which detects almost all the errors described in this article. The demo version of the tool can be downloaded here: http://www.viva64.com/pvs-studio/download/. Example 1. Buffer overflowstruct STRUCT_1
{
int *a;
};struct STRUCT_2
{
int x;
};
...
STRUCT_1 Abcd;
STRUCT_2 Qwer;
memset(&Abcd, 0, sizeof(Abcd));
memset(&Qwer, 0, sizeof(Abcd)); In this program, two objects of the STRUCT_1 and STRUCT_2 types are defined which must be zeroed (all the fields must be initialized with nulls) before being used. While implementing the initialization, the programmer decided to copy a similar line and replaced "&Abcd" with "&Qwer" in it. But he forgot to replace "sizeof(Abcd)" with "sizeof(Qwer)". Due to mere luck, the sizes of the STRUCT_1 and STRUCT_2 structures coincided on a 32-bit system and the code has been working correctly for a long time. Read more: Intel
Posts
0 comments:
Post a Comment