-
-
I am Dave Jing Tian, an Assistant Professor in the Department of Computer Science at Purdue University working on system security. My research involves embedded systems, operating systems, trusted and confidential computing, and hardware security and trust. All opinions are my own.
Shoot me:
root@davejingtian.org Categories
Resource
Tags
- ABNF
- agile
- AI/ML
- Alcatel-Lucent
- android
- arp
- asn1c
- assembly
- bash
- ber
- bison
- BNF
- build
- C
- CentOS
- CIS122
- Coverity
- crypto
- csv
- cuda
- DCA
- ddclient
- debugfs
- DH
- Diffie-Hellman
- drd
- drig
- elixir
- fedora
- fedup
- flex
- fsck
- gcc
- gdb
- GFW
- git
- github
- gnome
- gprof
- gpu
- guitar
- gumstix
- helgrind
- intel
- itevad
- Java
- jmgsim
- JVM
- kenai
- kernel
- kill
- ksh
- kvm
- ld
- Linux
- list
- netbeans
- netlink
- nvidia
- OS
- overo
- Python
- relay
- security
- selinux
- sgx
- socket
- ssh
- Ubuntu
- UO
- USB
- valgrind
- x86
- x86_64
- yocto
Blog Stats
- 236,456 hits
-
All blogs on this website are licensed under a Creative Commons Attribution 4.0 International License. -
-
-
Category Archives: Static Code Analysis
A PoC of DoS attack in Elixir Actor Model
The naive way of using the Actor model in Elixir is using “receive” in a loop, which is then “spawn”d as a Erlang process. Unfortunately, a potential DoS attack could happen if the pattern matching is not coded carefully with … Continue reading
Posted in Programming, Security, Static Code Analysis
Tagged actor, DoS, elixir, Erlang, OTP
Leave a comment
A pitfall of GenServer programming in Elixir
OTP as a programming platform/framework, empowers not only Erlang, but also Elixir. This post looks into a pitfall when programming GenServer in Elixir, and provides a potential solution. All callbacks in the GenServer behavior have a limited and pre-defined possible … Continue reading
Posted in Programming, Static Code Analysis
Tagged dialyxir, dialyzer, elixir, GenServer, OTP
Leave a comment
Malware Reverse Engineering – Part II
While most tools for MRE are staightforward, some of them require time, patience, and skills to show the full power. For static analysis, this means IDA; for dynamic analysis, it is OllyDbg (and WinDbg for Windows kernel debugging). In this … Continue reading
Malware Reverse Engineering – Part I
I took a “Malware Reverse Engineering (MRE)” class last semeter and it was fun to me, partially because I was not a Windows person, though I am still not. What seems ridiculous to me is how trivial one can write … Continue reading
Posted in Security, Static Code Analysis
Tagged IDA, Inetsim, malware, MRE, PEiD, PEStudio, PEview, Ransomware, RegShot, Windows
Leave a comment
Valgrind – dynamic code analysis tool – part VII – ERROR: ld.so: object ‘/dev/shm/valgrind/lib/valgrind/vgpreload_core-amd64-linux.so’ from LD_PRELOAD cannot be preloaded: ignored.
Recently encountered a ld error when starting 64-bit valgrind (3.7.0) for 64-bit binary. This is a bug in 3.7.0 and the fix will be submitted into 3.8.0. Detailed info could be found via (https://bugs.kde.org/show_bug.cgi?id=286270). As always, we could either checkout … Continue reading
Valgrind – dynamic code analysis tool – part VI – configure: error: please use gcc >= 3.0 or clang >= 2.9
This post is trying to figure out the reason why configure of valgrind may report the error like this – configure: error: please use gcc >= 3.0 or clang >= 2.9 and the stupid workaround to make the building go … Continue reading
Valgrind – dynamic code analysis tool – part V – valgrind: failed to start tool ‘memcheck’ for platform …
This post contains certain error message when ‘Valgrind’ is called: valgrind: failed to start tool ‘memcheck’ for platform ‘XXXXXX’: No such file or directory. There is a tricky question – can 32-bit valgrind be run on 64-bit platform? The answer is … Continue reading
Valgrind – dynamic code analysis tool – part IV – DRD
Valgrind – DRD – while Helgrind is the major tool for concurrency issue detection, some options of DRD are also helpful on debugging concurrency issue, especially –exclusive-threshold, used to report mutex locked for long, and –shared-threshold, used to report shared … Continue reading
Valgrind – dynamic code analysis tool – part III – Helgrind
Valgrind – Helgrind – concurrency issue detection. # Helgrind http://valgrind.org/docs/manual/hg-manual.html –tool=helgrind [root@localhost valgrindTest]# cat simpleDataRace.c /* Code from Valgrind Manual */ #include <pthread.h> int var = 0; void* child_fn ( void* arg ) { var++; /* Unprotected relative to parent … Continue reading
Valgrind – dynamic code analysis tool – part II – fd leak
Valgrind – File descriptor (fd) leak detection trial # File descriptor (fd) leak detection –track-fds=yes [root@localhost valgrindTest]# cat fdLeakTry.c /* daveti’s stupid code for fd leak */ #include <stdio.h> int main( int argc, char *argv[]) { FILE *fdPtr = fopen(“daveti.log”, … Continue reading
davejingtian.org 