Book Review: The Art of Assembly Language, 2nd Edition

Have you ever tried to teach x86 assembly language programming to someone coming from high level language programming background and discovered that it was hard? Before being able to write a simple “Hello World” program one needs to know a fair deal about the x86 architecture, the assembler language and the operating system. Obviously this is […]

Casts are bad

Halvar and Dennis Elser recently blogged about a serious vulnerability in the ATL libraries. A few days ago, Microsoft released an emergency “out-of-band” patch. Yes, the bug was that nasty, and since it is in a library, many MS Windows components were affected. Everyone who used the library should review their code and […]

Double renaming

Quite often I have to revise old code in IDA Pro. Given its age, it happens almost every time a new feature is added (two exceptions: the bTree and the virtual memory manager are basically the same as about 17 years ago).

Confusing instruction

A few days ago I was working on the x86 IDA module. The goal was to have it recognize jump tables for 64-bit processors. This is routine: we have to add new instruction idioms to the analysis engine from time to time to keep up with new compilers. I was typing in the patterns and hoping that the tests would […]

On uninitialized variables

Quite busy week, sorry for being silent. I wanted to talk about an annoyance I discovered with all my C/C++ compilers. Here is quite interesting presentation from Halvar Flake: Attacks on uninitialized local variables After reading it I wanted to verify my compilers and created a small C file. I wanted to check if the compilers would warn […]


FOSDEM did not deceive me at all – just the contrary. There were many interesting things and the talk I liked the most was about valgrind. The very obvious idea after it was “why not develop a security scanner on the top of valgrind?”. Valgrind is a framework to develop simulation-based tools, and MemCheck is […]

Capricious programming

Textbooks on software engineering prescribe to check preconditions at the beginning of a function. This is a really good idea: the sooner we detect that the input data or environment does not match our expectations, the easier it is to trace and debug the application. A nice function with precondition checking refuses to “work” if […]