728x90

Official link: https://valgrind.org/

 

Valgrind Home

Valgrind is an instrumentation framework for building dynamic analysis tools. There are Valgrind tools that can automatically detect many memory management and threading bugs, and profile your programs in detail. You can also use Valgrind to build new tool

valgrind.org

 

Install:

sudo apt install valgrind  # Ubuntu, Debian, etc.
sudo yum install valgrind  # RHEL, CentOS, Fedora, etc.
sudo pacman -Syu valgrind  # Arch, Manjaro, Garuda, etc

 

 

내부적으로 GDB를 사용하기 때문에 addr2line같은 것들이 제대로 동작해야 한다.

이전 포스팅에서 추가했던 secure compile option들을 넣으면 안된다.

대신 -g를 추가하여 debugging이 가능하도록 해야 한다.

https://bluelimn.tistory.com/entry/secure-compile

 

secure compile

checksec를 통해 secure compile 정보를 알 수 있다. https://github.com/slimm609/checksec.sh GitHub - slimm609/checksec.sh: Checksec.sh Checksec.sh. Contribute to slimm609/checksec.sh development by creating an account on GitHub. github.com 우선 3

bluelimn.tistory.com

 

ref: https://stackoverflow.com/questions/5134891/how-do-i-use-valgrind-to-find-memory-leaks

valgrind --leak-check=full \
         --show-leak-kinds=all \
         --track-origins=yes \
         --verbose \
         --log-file=valgrind-out.txt \
         ./executable exampleParam1

 

728x90
728x90

MyComboBox.java

import java.awt.event.*;
import javax.swing.*;
import javax.swing.event.*;
import javax.swing.text.JTextComponent;
import javax.swing.undo.*;

public class MyComboBox extends JComboBox {


	final UndoManager undoMgr = new UndoManager();
	
	public MyComboBox() {
		super();
        init();
    }
	
    public final static String UNDO_ACTION = "Undo";

    public final static String REDO_ACTION = "Redo";

    private void init()
    {

    	setEditable(true);

        getEditor().getEditorComponent().addKeyListener(new KeyAdapter() {
		    @Override
		    public void keyReleased(KeyEvent event) {
		        if (event.getKeyCode() == KeyEvent.VK_F3)
		        {
		        	addItem((String)((JTextComponent)getEditor().getEditorComponent()).getText());
		        }
		        else if (event.getKeyCode() == KeyEvent.VK_F4)
		        {
		        	removeItemAt(getSelectedIndex());
		        }
		    }
		    public void keyPressed(KeyEvent e) {
		        if (e.getKeyCode() == KeyEvent.VK_Z && e.isControlDown()) {
		            if (undoMgr.canUndo()) {
		            	undoMgr.undo();
		            }
		        } else if (e.getKeyCode() == KeyEvent.VK_Y && e.isControlDown()) {
		            if (undoMgr.canRedo()) {
		            	undoMgr.redo();
		            }
		        }
		    }
		});

        // Add listener for undoable events
    	(((JTextField)getEditor().getEditorComponent()).getDocument()).addUndoableEditListener(new UndoableEditListener() {
            public void undoableEditHappened(UndoableEditEvent pEvt) {
                undoMgr.addEdit(pEvt.getEdit());
            }
        });

    }

}

 

 

MyTextField.java

import java.awt.event.*;
import javax.swing.*;
import javax.swing.event.*;
import javax.swing.text.JTextComponent;
import javax.swing.undo.*;

public class MyTextField extends JTextField {
    public MyTextField() {
        final UndoManager undoMgr = new UndoManager();

        // Add listener for undoable events
        getDocument().addUndoableEditListener(new UndoableEditListener() {
            public void undoableEditHappened(UndoableEditEvent pEvt) {
                undoMgr.addEdit(pEvt.getEdit());
            }
        });

        // Add undo/redo actions
        getActionMap().put(UNDO_ACTION, new AbstractAction(UNDO_ACTION) {
            public void actionPerformed(ActionEvent pEvt) {
                try {
                    if (undoMgr.canUndo()) {
                        undoMgr.undo();
                    }
                } catch (CannotUndoException e) {
                    e.printStackTrace();
                }
            }
        });
        getActionMap().put(REDO_ACTION, new AbstractAction(REDO_ACTION) {
            public void actionPerformed(ActionEvent pEvt) {
                try {
                    if (undoMgr.canRedo()) {
                        undoMgr.redo();
                    }
                } catch (CannotRedoException e) {
                    e.printStackTrace();
                }
            }
        });

        // Create keyboard accelerators for undo/redo actions (Ctrl+Z/Ctrl+Y)
        getInputMap().put(KeyStroke.getKeyStroke(KeyEvent.VK_Z, InputEvent.CTRL_DOWN_MASK),
            UNDO_ACTION);
        getInputMap().put(KeyStroke.getKeyStroke(KeyEvent.VK_Y, InputEvent.CTRL_DOWN_MASK),
            REDO_ACTION);
    }
    
    public final static String UNDO_ACTION = "Undo";

    public final static String REDO_ACTION = "Redo";

    public static void makeUndoable(JTextComponent pTextComponent) {
        final UndoManager undoMgr = new UndoManager();

        // Add listener for undoable events
        pTextComponent.getDocument().addUndoableEditListener(new UndoableEditListener() {
            public void undoableEditHappened(UndoableEditEvent evt) {
                undoMgr.addEdit(evt.getEdit());
            }
        });

        // Add undo/redo actions
        pTextComponent.getActionMap().put(UNDO_ACTION, new AbstractAction(UNDO_ACTION) {
            public void actionPerformed(ActionEvent evt) {
                try {
                    if (undoMgr.canUndo()) {
                        undoMgr.undo();
                    }
                } catch (CannotUndoException e) {
                    e.printStackTrace();
                }
            }
        });
        pTextComponent.getActionMap().put(REDO_ACTION, new AbstractAction(REDO_ACTION) {
            public void actionPerformed(ActionEvent evt) {
                try {
                    if (undoMgr.canRedo()) {
                        undoMgr.redo();
                    }
                } catch (CannotRedoException e) {
                    e.printStackTrace();
                }
            }
        });

        // Create keyboard accelerators for undo/redo actions (Ctrl+Z/Ctrl+Y)
        pTextComponent.getInputMap().put(
            KeyStroke.getKeyStroke(KeyEvent.VK_Z, InputEvent.CTRL_DOWN_MASK), UNDO_ACTION);
        pTextComponent.getInputMap().put(
            KeyStroke.getKeyStroke(KeyEvent.VK_Y, InputEvent.CTRL_DOWN_MASK), REDO_ACTION);
    }
}
728x90

'Programming > JAVA잡기' 카테고리의 다른 글

자바 RMI (Remote Method Invovation) 사용하기  (0) 2008.09.23
자바 컴포넌트 기술(JDBC, JSP,JFC...)  (0) 2008.03.13
why JAVA?  (0) 2008.03.13
728x90

checksec를 통해 secure compile 정보를 알 수 있다.

https://github.com/slimm609/checksec.sh

 

GitHub - slimm609/checksec.sh: Checksec.sh

Checksec.sh. Contribute to slimm609/checksec.sh development by creating an account on GitHub.

github.com

 

우선 3가지 방향으로 compile을 해봤다.

test$ gcc pie_test.c -o default_pie

test$ gcc -static pie_test.c -o without_pie

test$ gcc -pie -fPIE pie_test.c -o with_pie

 

x86_64에서는 default로 PIE를 지원하고 있다.

Arm에서는 어떤지 알아보자

 

test$ aarch64-none-linux-gnu-gcc pie_test.c -o default_arm_pie
test$ aarch64-none-linux-gnu-gcc pie_test.c -static -o static_arm_pie
test$ aarch64-none-linux-gnu-gcc pie_test.c -fPIE -pie -o with_pie_arm_pie

Default로 PIE가 지원하지 않음을 알 수 있다. PIE를 위해서는 -fPIE -pie가 필요하다.

-fPIE는 compile option이고 -pie는 linker option이라고 한다.

 

stack canary에 대해 확인해보자

 

canary를 지원하기 위해서는 -fstack-protector-all를 추가해야 한다.

 

FORTIFY 추가: -D_FORTIFY_SOURCE=2

이건 -O를 함께 요구하기도 한다.

 

RELRO로 한번 넣어보자.:Relocation Read-Only : -Wl,-z,relro,-z,now

test$ aarch64-none-linux-gnu-gcc pie_test.c -fPIE -pie -fstack-protector-all -O -D_FORTIFY_SOURCE=2 -Wl,-z,relro,-z,now -o with_fortify

 

Symbols : -s

test$ aarch64-none-linux-gnu-gcc pie_test.c -fPIE -pie -fstack-protector-all -O -D_FORTIFY_SOURCE=2 -Wl,-z,relro,-z,now  -s -o with_fortify

 

* NX: "No eXecute" 영역이 적용되어 있는지 여부를 나타냅니다. 이 기능은 데이터 섹션에서 실행할 수 있는 코드 실행을 막아서, 공격자가 바이너리에 대한 취약점을 악용하는 것을 방지합니다.

* RPATH: ELF 바이너리에서 실행 시 참조할 라이브러리 경로를 지정하는데 사용됩니다. RPATH는 보안 위험이 발생할 수 있는 기능 중 하나로, 바이너리가 취약점을 가지고 있는 경우, 공격자가 RPATH를 이용하여 공격할 수 있습니다.

* RUNPATH: RPATH와 비슷한 역할을 하지만, 라이브러리 경로를 찾는 방법이 다릅니다. RUNPATH는 LD_LIBRARY_PATH와 같이 컴파일러나 링커에서 지정된 환경 변수에서 라이브러리 경로를 찾습니다.

* FORTIFY: FORTIFY는 C 라이브러리 함수를 보안 강화된 버전으로 대체하는 방식으로, 버퍼 오버플로우나 포맷 문자열 취약점 등의 보안 문제를 방지합니다.

* Symbols: ELF 바이너리에서 전역 심볼이 제대로 제한되었는지 여부를 나타냅니다. 이 기능은 공격자가 ELF 바이너리 내부의 함수나 변수의 위치를 찾아서 악용하는 것을 방지합니다. 따라서, 이 기능이 활성화되어 있으면 ELF 바이너리가 더욱 안전하게 실행될 수 있습니다.

* RELRO: RELRO는 "RELocation Read-Only"의 약자로, 바이너리의 메모리 매핑을 보호하는 기능입니다. 바이너리가 실행될 때, 공유 라이브러리나 동적 연결된 라이브러리들을 메모리에 로드합니다. 그런데 이러한 라이브러리들이 바이너리의 일부로 취급될 경우, 메모리 매핑이 변경될 수 있습니다. 이 때, 공격자가 바이너리의 실행 흐름을 변경하여 악용할 수 있습니다. 이를 방지하기 위해 RELRO 기능을 사용하여 바이너리의 메모리 매핑을 읽기 전용으로 설정합니다. RELRO 기능은 Partial RELRO와 Full RELRO가 있으며, Full RELRO는 보안성이 높아 추천되는 옵션입니다.

728x90
728x90

https://ieeexplore.ieee.org/iel7/9952188/9952355/09952802.pdf

Emergency Handling Considerations in Wireless BMS

In current BMS (Battery Management System) in xEV (electric vehicles including hybrid, plugin, and fuel cell), wired communication between cell monitoring ICs and a main controller has been the most commonly used method to connect battery balancing ICs and

ieeexplore.ieee.org


Published in
2022 13th International Conference on Information and Communication Technology Convergence (ICTC)
Date of Conference
19-21 October 2022
Date Added to IEEE Xplore
25 November 2022
ISBN Information
ISSN Information
INSPEC Accession Number
22330032
DOI
10.1109/ICTC55196.2022.9952802
Publisher:
IEEE

728x90

'Programming' 카테고리의 다른 글

QT 프로그래밍  (0) 2008.11.28

+ Recent posts