HN Theater has aggregated all Hacker News stories and comments that mention USENIX Enigma Conference's video "USENIX Enigma 2016 - Sanitize, Fuzz, and Harden Your C++ Code".
Youtube Summary
Kostya Serebryany, Software Engineer, Google
The Sanitizers (AddressSanitizer and friends) is a family of dynamic testing tools for C and C++ based on compile-time instrumentation. They find bugs like use-after-free, buffer overflows, data races, uses of uninitialized memory, integer overflows, and many other kinds of bugs both in the user space and in the kernel. These tools are only as good as your test coverage, and so we’ll also discuss libFuzzer, a library for in-process contol- and data-flow guided fuzzing. Finally, even if these tools miss some of the bugs there is one more line of defense: security hardening of production binaries using compiler instrumentation. Control Flow Integrity will halt the program if a VPTR or an indirect function pointer looks corrupt, and Safe Stack will protect the return address from stack buffer overflow.
Sign up to find out more about Enigma conferences: https://www.usenix.org/conference/enigma2016#signup
Watch all Enigma 2016 videos at: http://enigma.usenix.org/youtube
Lorem ipsum dolor sit amet,
consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et
dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation
ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor
in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla
pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui
officia deserunt mollit anim id est laborum.