Tuesday, August 19, 2014

memory leak and memory corruption


Memory corruption occurs in a computer program when the contents of a memory location are unintentionally modified due to programming errors; this is termed violating memory safety

Memory corruption errors can be broadly classified into four categories:
  1. Using uninitialized memory: Contents of uninitialized memory are treated as garbage values. Using such values can lead to unpredictable program behavior.
  2. Using none-owned memory: It is common to use pointers to access and modify memory. If such a pointer is a null pointer,dangling pointer (pointing to memory that has already been freed), or to a memory location outside of current stack or heap bounds, it is referring to memory that is not then possessed by the program. Using such pointers is a serious programming flaw. Accessing such memory usually causes operating system exceptions, that most commonly lead to a program crash (unless suitable memory protection software is being used).
  3. Using memory beyond the memory that was allocated (buffer overflow): If an array is used in a loop, with incorrect terminating condition, memory beyond the array bounds may be accidentally manipulated. Buffer overflow is one of the most common programming flaws exploited by computer viruses, causing serious computer security issues (e.g. return-to-libc attackstack-smashing protection) in widely used programs. In some cases programs can also incorrectly access the memory before the start of a buffer.
  4. Faulty heap memory management: Memory leaks and freeing non-heap or un-allocated memory are the most frequent errors caused by faulty heap memory management.
Many memory debuggers such as PurifyValgrindInsure++AddressSanitizer are available to detect memory corruption errors.


Memory Leak:

Memory leakage is memory lost. You can't use the leaked portion of memory during the course of execution. For example: 

int * p = new int[10]; 
p++; 
delete []p; 

Here memory is leaked as we are not deleting the first location of array of integer. 

Memory corruption:

On the other side memory corruption is like over deleting the same memory location. 

For example: 

int *p = new int; 
delete p; 
delete p; //dont use delete twice, it may corrupt the heap(memory) 

Avoid memory corruption:

int *p = new int; 
delete p; 
p = NULL; 
delete p; // this delete will not harmful for heap 


[hello.c:15] **WRITE_OVERFLOW**
>>         strcat(str, argv[i]);
  Writing overflows memory: <argument 1>
          bbbbbbbbbbbbbbbbbbbbbbbbbb
          |           16           | 2 |
          wwwwwwwwwwwwwwwwwwwwwwwwwwwwww
   Writing  (w) : 0xbfffeed0 thru 0xbfffeee1 (18 bytes)
   To block (b) : 0xbfffeed0 thru 0xbfffeedf (16 bytes)
                 str, declared at hello.c, 11
  Stack trace where the error occurred:
                          strcat()  (interface)
                            main()  hello.c, 15
**Memory corrupted.  Program may crash!!**
[hello.c:18] **READ_OVERFLOW**
>>     printf("You entered: %s\n", str);
  String is not null terminated within range: str
  Reading   : 0xbfffeed0
  From block: 0xbfffeed0 thru 0xbfffeedf (16 bytes)
             str, declared at hello.c, 11
  Stack trace where the error occurred:
                            main()  hello.c, 18

You entered: hello cruel world

source:

Tools u may try for memory corruption:

No comments:

Post a Comment