Learn about CREDAL, a novel approach for locating memory corruption vulnerabilities using core dumps, presented at the 23rd ACM Conference on Computer and Communications Security. Explore the challenges of postmortem program analysis, understand the process of tracking down crash points, identifying stack frames, and determining corrupted data objects. Discover how this technique can help pinpoint where memory corruption occurs through case studies and corner cases. Gain insights into improving software security and debugging practices for memory-related issues in this informative conference talk.
CREDAL - Towards Locating a Memory Corruption Vulnerability with Your Core Dump
Association for Computing Machinery (ACM) via YouTube
Overview
Syllabus
Intro
Software inevitably contains defects
Events leading to crash
Program Snapshot
Postmortem Program Analysis
Crash due to memory corruption
New Challenges
Our Approach
Track down the crash point
Identify stack frames
Determine corrupted data objects
Determine where corruption occurs
Case Studies
Corner Cases
Conclusions
Questions?
Taught by
ACM CCS
