
Can we run C code and be safe?


Automated media analysis

Speech transcript
chat few
and and by the the and the people who are you can stand out of the I think I to use this and I all of the and the and the and the kind of thing and I can stand that the think of which is in the best of its the problem is that you will have to wear on a lot of the software on the that you wanted to you on the Iraq's and security related this and you want to out and to find ways to make use of almost here that this is not supported by the respondents were the so there is a need for that and get the all the today is not what I'm doing something which is kind related so um this to security 1 of you can code of all those memory corruption of quantity to sort of 3 hours but they're always the key on but on tools for sure that he doesn't have any intelligence about the memory aid users in some kind of of authority and then there exists a profit of that far too many rights or on the wrong index and yet you have a problem in the park and its material is the of the who grew up the question is so in here if you could just this digit could be something that can be used by the system policy and you find the which means you're compiler into the and once you have no guarantee that you're going to have any kind of reliable behavior so we could say OK if we have the size the advancement and his is going to come out of the OK let let's play safe and efficient access to the memory of the timing of attention for how and that different kinds of this so in the long run which from most of you know all of the time in indication of text of this in the memory of the of this project so on CDs which tries to use memory strong sense problem with that is that the practical so you can compile and about to do something like this and so on and you end up finding out that it doesn't work and then just use of some of the people of which is compiled Future of 100 talk aboat so everything you have the unit of land in Jesus units and so you probably want already have it on the machines distrust of an 
additional compiler found it had the vector control and you know it gets 50 to 1 and so on so this is a really bad and he is not something that was originally supposed to be and for a while production use to test use of the and then I think is actually works like it's not so the toolbar OK if you try to find the application the rate of most applications of 10 compiled in so and you might have to do something however and something something that bad happens and it from from this nice aspect ratings and so you get a free you can add your own story on so it's right of size for some edges and the lines in the cold it happened in the history of phrases in any of the NATO where memories was probably at a of y so you get a pretty good idea of what you got the so that's a real example from Bach and you just you and report just know yeah I was just about all and the no no no no that's OK this is a nice feature it actually possible higher-level system I'm not going to be lot of this kind of the kind of work by trying that and it might be an option the the use of you can say you know because of the use of to run I the other and I tried this at all but gentlemanly is just more than tool and you can do this In this changes as he was already on the sort of by the end of Lake and so you might OK it's just a comparatively and become part of that is actually not that you want so um some of the problems that OK if you try to compile due to the size of the problem of something that you place in some of the functions to the number of cations and what's the point In the case of regression problems not can you come and uses the it's positive my to the presence of the knocks it out of the box so it is for a start with the disabled and and comparison analysis the we the and then the next problem around in that if you combined with some kind of that was entirely is no problem to have an occasion that I think that the library that's not of and and the other way around and so if you think I 
started with my almost all the atoms time that the you all the tools that are early in the morning work anymore so along this means OK we have excluded the that is we are so this sort of dependencies and and it also means if you want we compile the thing we have to consider which what we use so things don't break and this thing in the of yeah yeah then uh which is kind of the it's going to get that when you're accessing something the memory manager the pressure of in our so if you have navigation they just have this this long operation which is quite common with a yet in from the active pots and on the part of the facts of the matter that something here which of course features of both the most users so that fraction of time function that you of could not have a large part but what they call it was amendments of that have the general some random and memory this trend in in in 1 floor of the world and the memory yeah man he had a user of the wire and the wire so these need to be fixed in order to be able to use the phone and that's a good thing it's not and then there is something which is defined as the user has you know the truth about where the code documents that political are you have people say OK cannot deny the correct must be working because in terms of actually example of the culture of Russian so who have written if there are no and initialize it so that the current code option is a pair of so we did a user may be and Angeles but it's the kind of which is wrong about that actually not located the head and governs the of and in the end it's so
you a the company is the largest dataset to things that indicated the goes wrong wrong with that but it's not an is also not technically not a lot of material that they share in data obtained of something no that it actually was a the and you probably know this is often the most of them are nice and so on if you have yeah
so I don't think that he intended to have the yeah so yeah the chemical is not so you cannot just summary and expect that can with you about my theory of the logic of memory on my part of the island decides to like to say OK existing in the resulting model is this state because know that the knowledge of events that actually very area that everything that I have not so I haven't found any so some of the must embarking on its a and there may be false positives this really we yeah that I had a kind of compiler issues and what that you too will want to leadership library the tools it of a linear units and that's the only all your life you know that and that is about breaking the of the because at the time of its turning against the you the and there even strictly at the time of the the and the variance of it and knowing that they have no we it as the kind of tricky thing and that includes it's not that you're using a to install the system and it was clear that some of the packages sold in order to find these people take some kind of the get the properties of the of the relevance of the fact that in so that is also on the way to do was I and the marginal Protestant looks for this so that you can go on and the but then this last time we did you architecture of going on is with the people of the problem in the address and the latter is providing some people have functions of putting the 2 2 1 2 the these but not all of them so what happens is that if the company gets checked this piece of creates this is something that's actually the don't need to leave the library in because of but in the race because the function of when out there and still not me do what the best solution for this is that you want some of you may have this problem was present in the life as a patch check for another country then if you take someone complained that this will be the end of it come to think of it as 1 of yeah then traditional they're using a few notes to note that already the world 
around you need to find as that is the field in the center of the library and then for it to use it you know about the standards of this and they're also if anyone is going to be a lot of this wave of the catch and the proposed it's really tritium out of the of the of the of at the yeah then have the so we can this is the combined with some kind of work that is a lot of breakage and you can the 1st but it was used so OK defined box that's useful for us the bits of the stocks and this is this is something I want run the corners of the OK I want a higher security here and it's not entirely here is that is a so if you want to think of something that you want to know what the probability of heads and so there are other people trying to use the composed of atoms and had was originally was designed during the necessary this to prevent expectations so that it prevents some parts from being exploited the feature of what you and quality of the of of the static inside your existing buffer that goes beyond the bonds in these parts are not all of the addition of a the and and John all of this is the point and also the result of the on are at the time but uh you may still be able to exploit the union of this was from this experience is explained in much detail on this in my view of each and I think my view and that the itself as part of the implications of the of security not yet and see so I think this was used for projects have made use this what the use the very few people maybe in the future will have something like and that's much better than me Partners Partner because we have the following the news and if you want you to to think about this we have to face these parts of the applications our existing ones 1 of the many other things that this is various exploited efficiently needs and very fortunate that is our still pretty much amounts a non-commutative distributions I'm going on interesting work on you the mediation techniques at the end of all the cultural integrity 
and system features which I get there probably right now with the production these things for more and only the and have somewhat like and the problem don't on the of it so that it have a long feature which is nice to hear the case and it is it is just 1 of the things that you can the promise so the usefulness of and there are more of percentage of each of the compilers of the history of the Jews most and an integral of was the 1st
and and some users from initial phone yeah this example for embarked a following in the home of the because of the history of our research is used to here but I think it's happening here is that the bigger must be in your full because it's checking if we're still in the bottom and the size this is the index in the order of about personal narrative of the
long bond of yeah expression can you know we

Metadata

Formal metadata

Title Can we run C code and be safe?
Subtitle Running Gentoo Linux with Address Sanitizer
Series title FOSDEM 2016
Part 62
Number of parts 110
Author Bock, Hanno
License CC Attribution 2.0 Belgium:
You may use, modify, and reproduce, distribute and make publicly available the work or its content, in unchanged or modified form, for any legal purpose, provided that you credit the author/rights holder in the manner they have specified.
DOI 10.5446/30975
Publisher FOSDEM VZW
Year of publication 2016
Language English

Content metadata

Subject area Computer science
