LAB07: ADVANCED BINARY INSTRUMENTATION WITH PIN
USING PIN FOR VULNERABILITY DETECTION
Lab Description: In this lab you will modify an existing pintool to detect
various dynamic memory allocation errors. This class of programming errors
often results in exploitable vulnerabilities.
______________________________________________________
LAB EXERCISE: DETECTING DYNAMIC MEMORY ALLOCATION
ERRORS WITH PIN
Background: There are a number of common programming errors
associated with dynamic memory allocation / deallocation (using malloc()
and free() in C). We’ll concentrate on two, specifically double free and use
after free.
A double free error occurs when a single allocation obtained via a malloc()
call is free()-ed twice. A double free error and an illustration of the
corresponding heap corruption (in which two allocations become aliased and
point to the same block of storage) are presented in the figure below:
A use-after-free error occurs when an allocation obtained via malloc() is
free()-ed and then subsequently used again. This almost always results in
heap corruption and is often exploitable. A use-after-free error and an
illustration of the corresponding heap corruption are presented in the figure
below:
Your Task
In lecture, we developed a pintool that could analyze malloc() / free()
calls in a target application, displaying information about arguments and
return values. The pintool is called mallocfreev3.cpp. Modify the pintool
to track the allocations obtained via malloc() and deallocated via free() and
discover both use-after-free and double free errors. Diagnostic information
should be generated which will guide the correction of the errors. You
should demonstrate the correctness of your pintool by generating a
number of test cases, based on the use-after-free and double free
examples illustrated in the figures.
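The bookkeeping the task calls for, as an added example that is not part of the lab handout or of mallocfreev3.cpp: a shadow table of allocations that flags double free and use-after-free and prints the allocation and free sites as diagnostics. The class and method names are assumptions; in a pintool, on_malloc() and on_free() would be called from the malloc()/free() analysis routines and on_access() from an analysis routine attached to memory operands.

```cpp
// Added example: all names below are illustrative, not from mallocfreev3.cpp.
#include <cstdint>
#include <cstdio>
#include <map>

enum class Verdict { Ok, DoubleFree, InvalidFree, UseAfterFree };

// One record per base address returned by malloc(); freed records are kept
// so later frees and accesses can be matched to the original allocation.
struct Block { size_t size; bool live; uintptr_t alloc_ip, free_ip; };

class AllocTracker {                       // hypothetical helper name
    std::map<uintptr_t, Block> blocks_;
    static void report(const char *what, uintptr_t p, const Block &b, uintptr_t ip) {
        fprintf(stderr, "%s: %#lx (size %zu) at ip %#lx; allocated at %#lx, freed at %#lx\n",
                what, (unsigned long)p, b.size, (unsigned long)ip,
                (unsigned long)b.alloc_ip, (unsigned long)b.free_ip);
    }
public:
    void on_malloc(uintptr_t ret, size_t size, uintptr_t ip) {
        if (ret == 0) return;              // failed allocation, nothing to track
        // The allocator may hand out freed storage again: forget stale freed
        // records that overlap [ret, ret+size) so they stop raising reports.
        auto it = blocks_.upper_bound(ret);
        if (it != blocks_.begin()) --it;   // a block starting at or before ret
        while (it != blocks_.end() && it->first < ret + size) {
            bool overlaps = it->first + it->second.size > ret;
            if (overlaps && !it->second.live) it = blocks_.erase(it); else ++it;
        }
        blocks_[ret] = Block{size, true, ip, 0};
    }
    Verdict on_free(uintptr_t p, uintptr_t ip) {
        if (p == 0) return Verdict::Ok;    // free(NULL) is a defined no-op
        auto it = blocks_.find(p);
        if (it == blocks_.end()) return Verdict::InvalidFree;  // never returned by malloc()
        if (!it->second.live) { report("double free", p, it->second, ip); return Verdict::DoubleFree; }
        it->second.live = false; it->second.free_ip = ip;
        return Verdict::Ok;
    }
    // Call for every memory read/write the instrumented program performs.
    Verdict on_access(uintptr_t addr, uintptr_t ip) const {
        auto it = blocks_.upper_bound(addr);
        if (it == blocks_.begin()) return Verdict::Ok;
        --it;                              // last block starting at or before addr
        if (addr - it->first >= it->second.size || it->second.live) return Verdict::Ok;
        report("use after free", addr, it->second, ip);
        return Verdict::UseAfterFree;
    }
};
```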
WHAT TO SUBMIT
Submit a copy of the source code for your pintool and test cases for this
lab on Blackboard.
11/8/2020
https://blackboard.towson.edu/bbcswebdav/pid-6571345-dt-content-rid-52179116_2/courses/001455-01-1204-1-101-03240/mallocfreev3.cpp
#include <stdio.h>
#include "pin.H"

// function prototype for malloc()
typedef VOID *(*FP_MALLOC)(size_t);

//
// ANALYSIS ROUTINES
//

// logs calls to free(). There's no need to replace the free()
// function with an instrumented one, because we only care about the
// argument when free() is invoked. Monitors free() return addresses
// to filter free() calls from the main executable.
VOID free_before(ADDRINT arg, ADDRINT return_IP) {
    PIN_LockClient(); // needed for IMG_FindByAddress() call
    if (IMG_IsMainExecutable(IMG_FindByAddress(return_IP))) {
        printf("free(%p)\n", (void *)arg);
        fflush(stdout);
    }
    PIN_UnlockClient();
}

// instrumented version of malloc(). Extracts info about arg and
// return value and then calls original malloc(). Monitors malloc()
// return addresses to filter malloc() calls from the main executable.
VOID *malloc_instr(FP_MALLOC origmalloc, ADDRINT arg,
                   ADDRINT return_IP) {
    // call original malloc
    VOID *v = origmalloc(arg);

    // output info about malloc() call only if it's in the main
    // executable
    PIN_LockClient(); // needed for IMG_FindByAddress() call
    if (IMG_IsMainExecutable(IMG_FindByAddress(return_IP))) {
        printf("%p