My very first exposure to buffer overflow was with Morris worm in 80’s and since then, we collectively have tried to get a good handle on buffer overflow as it impacts both security and robustness of C/C++ software. Needless to say, we have made significant progress with addressing buffer overflow via execute disable bit, Canary on stack etc. through which we are able to prevent a class of exploits after the buffer overflow has taken place.
Intel has announced a new technology called Intel® Memory Protection Extensions (Intel® MPX). To find out more, check out the Instruction Set Extensions web pages. Once you know about Intel MPX, you may want to experiment with Intel® SDE. This article explains how to run Intel MPX with Intel SDE and some different behavior when using Intel SDE than when running Intel MPX in production systems.
Invalid memory access problem is commonly found in many C/C++ programs and leads to time consuming debugging, program instability and vulnerability. Many attacks exploit software bugs related to inappropriate memory accesses caused by buffer overflow (or buffer overruns). Existing set of techniques/tools to find such memory bugs in the programs and defend them from the attacks are software only solutions which result in poor performance of the protected code.
by Milind Girkar, Hongjiu Lu, David Kreitzer, and Vyacheslav Zakharin (Intel)
Description of the Intel® AVX, Intel® AVX2, Intel® AVX-512 and Intel® MPX extensions required for the Intel® 64 architecture application binary interface.
The C and C++ languages provide for memory access via pointers, however, these languages do not ensure the safe use of pointers. Left undetected, the unsafe use of pointers puts an application at risk of data corruption or malicious attack via buffer overruns and overflows.
The Intel Intrinsics Guide is an interactive reference tool for Intel intrinsic instructions, which are C style functions that provide access to many Intel instructions – including Intel® Streaming SIMD Extensions (Intel® SSE), Intel® Advanced Vector Extensions (Intel® AVX), and more – without the need to write assembly code.
This guide provides searching and filtering functionality, in addition to reference information for every intrinsic. Reference information includes synopsis, description, functional operation, and corresponding instruction(s).
Intel® Software Development Emulator (released Jan 11, 2015)
- Seite 2