Category Archives: Static Code Analysis

Malware Reverse Engineering – Part II

While most tools for MRE are staightforward, some of them require time, patience, and skills to show the full power. For static analysis, this means IDA; for dynamic analysis, it is OllyDbg (and WinDbg for Windows kernel debugging). In this … Continue reading

Posted in Security, Static Code Analysis | Tagged , , , , , , , , , | Leave a comment

Malware Reverse Engineering – Part I

I took a “Malware Reverse Engineering (MRE)” class last semeter and it was fun to me, partially because I was not a Windows person, though I am still not. What seems ridiculous to me is how trivial one can write … Continue reading

Posted in Security, Static Code Analysis | Tagged , , , , , , , , , | Leave a comment

Valgrind – dynamic code analysis tool – part VII – ERROR: ld.so: object ‘/dev/shm/valgrind/lib/valgrind/vgpreload_core-amd64-linux.so’ from LD_PRELOAD cannot be preloaded: ignored.

Recently encountered a ld error when starting 64-bit valgrind (3.7.0) for 64-bit binary. This is a bug in 3.7.0 and the fix will be submitted into 3.8.0. Detailed info could be found via (https://bugs.kde.org/show_bug.cgi?id=286270). As always, we could either checkout … Continue reading

Posted in Static Code Analysis | Tagged , , | Leave a comment

Valgrind – dynamic code analysis tool – part VI – configure: error: please use gcc >= 3.0 or clang >= 2.9

This post is trying to figure out the reason why configure of valgrind may report the error like this – configure: error: please use gcc >= 3.0 or clang >= 2.9 and the stupid workaround to make the building go … Continue reading

Posted in Static Code Analysis | Tagged , , | Leave a comment

Valgrind – dynamic code analysis tool – part V – valgrind: failed to start tool ‘memcheck’ for platform …

This post contains certain error message when ‘Valgrind’ is called:┬ávalgrind: failed to start tool ‘memcheck’ for platform ‘XXXXXX’: No such file or directory. There is a tricky question – can 32-bit valgrind be run on 64-bit platform? The answer is … Continue reading

Posted in Static Code Analysis | Tagged , , | Leave a comment

Valgrind – dynamic code analysis tool – part IV – DRD

Valgrind – DRD – while Helgrind is the major tool for concurrency issue detection, some options of DRD are also helpful on debugging concurrency issue, especially –exclusive-threshold, used to report mutex locked for long, and –shared-threshold, used to report shared … Continue reading

Posted in Static Code Analysis | Tagged , , , , , | Leave a comment

Valgrind – dynamic code analysis tool – part III – Helgrind

Valgrind – Helgrind – concurrency issue detection. # Helgrind http://valgrind.org/docs/manual/hg-manual.html –tool=helgrind [root@localhost valgrindTest]# cat simpleDataRace.c /* Code from Valgrind Manual */ #include <pthread.h> int var = 0; void* child_fn ( void* arg ) { var++; /* Unprotected relative to parent … Continue reading

Posted in Static Code Analysis | Tagged , , | Leave a comment