Confusing instruction

A few days ago I was working on the x86 IDA module. The goal was to have it recognize jump tables for 64-bit processors. This is routine: we have to add new instruction idioms to the analysis engine from time to time to keep up with new compilers. I was typing in the patterns and hoping that the tests would […]

On uninitialized variables

Quite busy week, sorry for being silent. I wanted to talk about an annoyance I discovered with all my C/C++ compilers. Here is quite interesting presentation from Halvar Flake: Attacks on uninitialized local variables After reading it I wanted to verify my compilers and created a small C file. I wanted to check if the compilers would warn […]


FOSDEM did not deceive me at all – just the contrary. There were many interesting things and the talk I liked the most was about valgrind. The very obvious idea after it was “why not develop a security scanner on the top of valgrind?”. Valgrind is a framework to develop simulation-based tools, and MemCheck is […]

Capricious programming

Textbooks on software engineering prescribe to check preconditions at the beginning of a function. This is a really good idea: the sooner we detect that the input data or environment does not match our expectations, the easier it is to trace and debug the application. A nice function with precondition checking refuses to “work” if […]