堆栈内存溢出
  简体   繁体   English

AddressSanitizer(或任何其他工具)可以在不需要编译的情况下检测 Android 本机代码二进制文件中的 memory 错误吗?

[英]Can AddressSanitizer (or any other tool) detect memory bugs in Android native code binaries without needing compilation?

 原文  2020-06-16 18:43:44       android/ native-code/ address-sanitizer/ frida

问题描述

Google's AddressSanitizer detects memory bugs in Android native code. Google 的AddressSanitizer在 Android 本机代码中检测到 memory 错误。 It does require , however, that the target binary (ie, executable or library) be recompiled with whatever flags and settings it needs:但是,它确实需要使用它需要的任何标志和设置重新编译目标二进制文件(即可执行文件或库):

AddressSanitizer (ASan) is a fast compiler-based tool for detecting memory bugs in native code. AddressSanitizer (ASan) 是一种基于编译器的快速工具,用于检测本机代码中的 memory 错误。

Is there a tool that can detect Android memory bugs without requiring any recompilation of the target binary?是否有无需重新编译目标二进制文件即可检测 Android memory 错误的工具? Here are some thoughts of what such a tool would look like:以下是对此类工具外观的一些想法:

  • The tool should intercept/hook the relevant memory-related functions in libc.so (eg, malloc, free, calloc, realloc), similar to Frida 's ability to intercept any native code function.该工具应该拦截/挂钩 libc.so 中的相关内存相关函数(例如libc.so 、free、calloc、realloc),类似于Frida拦截任何本机代码 function 的能力。
  • The tool should work by its being injected into a process space.该工具应该通过将其注入进程空间来工作。 From that point, everything should "just work".从那时起,一切都应该“正常工作”。
  • It should also intercept both hardware faults and software exceptions (eg, segmentation faults) to detect a memory bug.它还应该拦截硬件故障和软件异常(例如,分段故障)以检测 memory 错误。
  • It would be reasonable to assume this tool would not be as powerful as compiler-based AddressSanitizer, but that's to be expected.可以合理地假设该工具不如基于编译器的 AddressSanitizer 强大,但这是意料之中的。

1 个解决方案

解决方案1
 1  2020-06-18 23:07:07

https://github.com/frida/frida-gum https://github.com/frida/frida-gum

Helper libraries for developers needing highly granular:需要高度粒度的开发人员的帮助库:

Heap allocation tracking and leak checking.堆分配跟踪和泄漏检查。

https://github.com/frida/frida-gum/tree/master/libs/gum/heaphttps://github.com/frida/frida-gum/tree/master/libs/gum/heap

Profiling with worst-case inspector callback.使用最坏情况检查器回调进行分析。

https://github.com/frida/frida-gum/blob/7e4c5b547b035ae05d2f9e160652101bf741e6c3/libs/gum/prof/gumprofiler.h#L40-L42 https://github.com/frida/frida-gum/tree/master/libs/gum/prof https://github.com/frida/frida-gum/blob/7e4c5b547b035ae05d2f9e160652101bf741e6c3/libs/gum/prof/gumprofiler.h#L40-L42 https://github.com/frida/frida-gum/tree/master/libs /口香糖/教授

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在Android本机代码中检测内存泄漏 - Detect memory leak in android native code Valgrind:如何使用valgrind检测Android上本机代码的内存泄漏? - Valgrind : How to use valgrind to detect memory leaks of native code on Android? 如何在不需要Android OS源代码的情况下在Android NDK中创建新的NativeWindow? - How can I create a new NativeWindow in Android NDK without needing the Android OS source code? 调试Android本机二进制文件 - Debug android native binaries 本机代码可以导致Android中Java代码中的内存损坏吗? - Can native code cause memory corruption in Java code in Android? 是否有针对Android设备的设备特定错误的汇编? - Is there a compilation of device-specific bugs for Android devices? 您可以在不编写任何本机代码的情况下访问智能手机上的蓝牙吗? - Can you access Bluetooth on smartphones without writing any native code? 如何检测是否在Android中启动任何本机应用程序 - How to detect if any native app is launched in android 有什么工具可以追踪Android代码流的顺序? - Any tool to trace the sequence of Android code flow? 有什么方法可以在react native(expo)中检测到Android软导航栏吗? - Is there any way that we can detect android soft navigation bar in react native(expo )?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM