The document discusses several types of errors found using static analysis on the NetXMS open source project codebase. It describes 4 examples of 64-bit errors where pointers are incorrectly cast to 32-bit types. It also mentions errors handling unsigned types like sockets, half-cleared buffers due to misunderstanding string sizes, copy-paste errors, uninitialized variables, null pointer dereferences, and incorrect variable type usage with variadic functions. The author encourages the NetXMS developers to use the static analysis tool to find and address these kinds of issues in their code.
Monitoring a program that monitors computer networksAndrey Karpov
There exists the NetXMS project, which is a software product designed to monitor computer systems and networks. It can be used to monitor the whole IT-infrastructure, from SNMP-compatible devices to server software. And I am naturally going to monitor the code of this project with the PVS-Studio analyzer.
ESET’s guide to deobfuscating and devirtualizing FinFisherESET Middle East
To help malware analysts and security researchers overcome FinFisher’s advanced anti-disassembly obfuscation and virtualization features, ESET researchers have framed some clever tricks into a whitepaper.
20 issues of porting C++ code on the 64-bit platformAndrey Karpov
Program errors occurring while porting C++ code from 32-bit platforms on 64-bit ones are observed. Examples of the incorrect code and the ways to correct it are given. Methods and means of the code analysis which allow to diagnose the errors discussed, are listed.
This article contains various examples of 64-bit errors. However, we have learnt much more examples and types of errors since we started writing the article and they were not included into it. Please see the article "A Collection of Examples of 64-bit Errors in Real Programs" that covers defects in 64-bit programs we know of most thoroughly. We also recommend you to study the course "Lessons on development of 64-bit C/C++ applications" where we describe the methodology of creating correct 64-bit code and searching for all types of defects using the Viva64 code analyzer.
Program errors occurring while porting C++ code from 32-bit platforms on 64-b...Andrey Karpov
Program errors occurring while porting C++ code from 32-bit platforms on 64-bit ones are observed. Examples of the incorrect code and the ways to correct it are given. Methods and means of the code analysis which allow to diagnose the errors discussed, are listed.
64 bits, Wp64, Visual Studio 2008, Viva64 and all the rest...Andrey Karpov
The purpose of this article is to answer some questions related to safe port of C/C++ code on 64-bit systems. The article is written as an answer to the topic often discussed on forums and related to the use of /Wp64 key and Viva64 tool.
Our team wrote three articles related to the code analysis of Tizen operating system. The operating system contains a lot of code, so this is the reason why it is a fertile ground for writing different articles. I think that we will go back again to Tizen in future, but right now other interesting projects are waiting for us. So, I will sum up some results of the work done and answer a number of questions that have arisen after the previously published articles.
MODERN MALWARE: OBFUSCATION AND EMULATION DEF CON CHINA 1.0 (2019)Alexandre Borges
Modern advanced malware samples are used to infect countries and they make part of the current cyber war, cyber espionage and financial attacks. Furthermore, critical actors, who write these malicious codes, try to make the static and dynamic analysis really hard by heavily obfuscating and, eventually, virtualizing codes using techniques such as CFG, call stack manipulation, dead code, opaque predicate and so on. Understanding these concepts and how they are used with virtualized packers is an advantage to learn the main anti-reversing techniques.
Therefore, to manage complex scenarios as exposed above, we are able to use frameworks such as METASM, MIASM and several dynamic static emulation techniques to make code simpler. At end, the goal is to reduce the code (most of time by using symbolic analysis), making us able to get a better understanding about the threat. Additionally, the introduction of dynamic tracing (DTrace) on Windows can help us to having a better understanding about programs and their behavior.
This presentation aims to show concepts and a practical approach on how to handle these reverse engineering challenges and techniques
Monitoring a program that monitors computer networksAndrey Karpov
There exists the NetXMS project, which is a software product designed to monitor computer systems and networks. It can be used to monitor the whole IT-infrastructure, from SNMP-compatible devices to server software. And I am naturally going to monitor the code of this project with the PVS-Studio analyzer.
ESET’s guide to deobfuscating and devirtualizing FinFisherESET Middle East
To help malware analysts and security researchers overcome FinFisher’s advanced anti-disassembly obfuscation and virtualization features, ESET researchers have framed some clever tricks into a whitepaper.
20 issues of porting C++ code on the 64-bit platformAndrey Karpov
Program errors occurring while porting C++ code from 32-bit platforms on 64-bit ones are observed. Examples of the incorrect code and the ways to correct it are given. Methods and means of the code analysis which allow to diagnose the errors discussed, are listed.
This article contains various examples of 64-bit errors. However, we have learnt much more examples and types of errors since we started writing the article and they were not included into it. Please see the article "A Collection of Examples of 64-bit Errors in Real Programs" that covers defects in 64-bit programs we know of most thoroughly. We also recommend you to study the course "Lessons on development of 64-bit C/C++ applications" where we describe the methodology of creating correct 64-bit code and searching for all types of defects using the Viva64 code analyzer.
Program errors occurring while porting C++ code from 32-bit platforms on 64-b...Andrey Karpov
Program errors occurring while porting C++ code from 32-bit platforms on 64-bit ones are observed. Examples of the incorrect code and the ways to correct it are given. Methods and means of the code analysis which allow to diagnose the errors discussed, are listed.
64 bits, Wp64, Visual Studio 2008, Viva64 and all the rest...Andrey Karpov
The purpose of this article is to answer some questions related to safe port of C/C++ code on 64-bit systems. The article is written as an answer to the topic often discussed on forums and related to the use of /Wp64 key and Viva64 tool.
Our team wrote three articles related to the code analysis of Tizen operating system. The operating system contains a lot of code, so this is the reason why it is a fertile ground for writing different articles. I think that we will go back again to Tizen in future, but right now other interesting projects are waiting for us. So, I will sum up some results of the work done and answer a number of questions that have arisen after the previously published articles.
MODERN MALWARE: OBFUSCATION AND EMULATION DEF CON CHINA 1.0 (2019)Alexandre Borges
Modern advanced malware samples are used to infect countries and they make part of the current cyber war, cyber espionage and financial attacks. Furthermore, critical actors, who write these malicious codes, try to make the static and dynamic analysis really hard by heavily obfuscating and, eventually, virtualizing codes using techniques such as CFG, call stack manipulation, dead code, opaque predicate and so on. Understanding these concepts and how they are used with virtualized packers is an advantage to learn the main anti-reversing techniques.
Therefore, to manage complex scenarios as exposed above, we are able to use frameworks such as METASM, MIASM and several dynamic static emulation techniques to make code simpler. At end, the goal is to reduce the code (most of time by using symbolic analysis), making us able to get a better understanding about the threat. Additionally, the introduction of dynamic tracing (DTrace) on Windows can help us to having a better understanding about programs and their behavior.
This presentation aims to show concepts and a practical approach on how to handle these reverse engineering challenges and techniques
A Collection of Examples of 64-bit Errors in Real ProgramsAndrey Karpov
This article is the most complete collection of examples of 64-bit errors in the C and C++ languages. The article is intended for Windows-application developers who use Visual C++, however, it will be useful for other programmers as well.
A Collection of Examples of 64-bit Errors in Real ProgramsPVS-Studio
This article is the most complete collection of examples of 64-bit errors in the C and C++ languages. The article is intended for Windows-application developers who use Visual C++, however, it will be useful for other programmers as well.
Undefined behavior is closer than you thinkAndrey Karpov
Some people think that undefined behavior is caused only by gross errors (accessing outside the bounds of the array, for instance) or inadequate constructions (i = i++ + ++i, for example). That's why it is quite surprising when a programmer sees undefined behavior in the code that used to work correctly, without arousing any suspicion. One should never let his guard down, programming in C/C++. Because hell is closer than you may think.
100 bugs in Open Source C/C++ projects Andrey Karpov
This article demonstrates capabilities of the static code analysis methodology. The readers are offered to study the samples of one hundred errors found in open-source projects in C/C++.
This article demonstrates capabilities of the static code analysis methodology. The readers are offered to study the samples of one hundred errors found in open-source projects in C/C++. All the errors have been found with the PVS-Studio static code analyzer.
I just cannot pass by the source code of ICQ messenger. It is a kind of a cult project, and when I saw the source code on GitHub, it was just a matter of time, when we will check it with PVS-Studio. Of course, we have a lot of other interesting projects that are waiting to be checked. For example, we have recently checked GCC, GDB, Mono. Finally, it's the turn of ICQ.
Even if you correct all compilation errors and warnings, it does not mean that a 64-bit application will work well. So it is the description and diagnosis of 64-bit errors that we will deal with in the most lessons of our course. And one more thing - do not rely on the switch /Wp64 which is described by many people (often unreasonably) in forum discussions as a wonderful tool able to find 64-bit errors.
One of the main problems with C++ is having a huge number of constructions whose behavior is undefined, or is just unexpected for a programmer. We often come across them when using our static analyzer on various projects. But, as we all know, the best thing is to detect errors at the compilation stage. Let's see which techniques in modern C++ help writing not only simple and clear code, but make it safer and more reliable.
How to make fewer errors at the stage of code writing. Part N1.PVS-Studio
I've arrived at the source code of a widely know instant messenger Miranda IM. Together with various plugins, this is a rather large project whose size is about 950 thousand code lines in C and C++. And like any other considerable project with a long development history, it has rather many errors and misprints.
20 issues of porting C++ code on the 64-bit platformPVS-Studio
Program errors occurring while porting C++ code from 32-bit platforms on 64-bit ones are observed. Examples of the incorrect code and the ways to correct it are given. Methods and means of the code analysis which allow to diagnose the errors discussed, are listed.
64-bit computers have been around and well for a long time already. Most applications have 64-bit versions that can benefit from larger memory capacity and improved performance thanks to the architectural capabilities of 64-bit processors. Developing 64-bit application in C/C++ requires much attention from a programmer. There is a number of reasons for 32-bit code to fail to work properly when recompiled for the 64-bit platform. There are a lot of articles on this subject, so we will focus on some other thing. Let's find out if the new features introduced in C++11 have made 64-bit software programmers' life any better and easier.
Note. The article was originally published in Software Developer's Journal (April 25, 2014) and is published here by the editors' permission.
64-Bit Code in 2015: New in the Diagnostics of Possible IssuesPVS-Studio
64-bit issues are pretty hard to detect because they are like a timebomb: it may take quite a while before they show up. The PVS-Studio static analyzer makes it easier to find and fix such errors. But we have made even a few more steps forward: we have recently revised with more care the 64-bit diagnostics implemented in our tool, which resulted in changing their distribution among severity levels. In this article, I'm going to tell you about these changes and how it affected the tool handling and bug search. You will also find real-life examples of 64-bit errors.
Development of a static code analyzer for detecting errors of porting program...PVS-Studio
The article concerns the task of developing a program tool called static analyzer. The tool being developed is used for diagnosing potentially unsafe syntactic structures of C++ from the viewpoint of porting program code on 64-bit systems. Here we focus not on the problems of porting occurring in programs, but on the peculiarities of creating a specialized code analyzer. The analyzer is intended for working with the code of C/C++ programs.
Static code analysis for verification of the 64-bit applicationsPVS-Studio
The coming of 64-bit processors to the PC market causes a problem which the developers have to solve: the old 32-bit applications should be ported to the new platform. After such code migration an application may behave incorrectly. The article is elucidating question of development and appliance of static code analyzer for checking out of the correctness of such application. Some problems emerging in applications after recompiling in 64-bit systems are considered in this article as well as the rules according to which the code check up is performed.
I often hear in various interpretations the phrase: "The given examples show not the code incorrect from the viewpoint of porting to x64 systems, but the code incorrect in itself". I would like to discuss and theorize a bit on this point in the blog. Please, take this note with a bit of humor.
I read a post recently about a check of the LibRaw project performed by Coverity SCAN. It stated that nothing interesting had been found. So I decided to try our analyzer PVS-Studio on it.
In this article, we will speak about the static analysis of the doxygen documentation generator tool. This popular and widely used project, which, as its authors claim, not without reason, has become "the de facto standard tool for generating documentation from annotated C++ sources", has never been scanned by PVS-Studio before. Doxygen scans the program source code and generates the documentation relying on it. Now it's time for us to peep into its source files and see if PVS-Studio can find any interesting bugs there.
Performs code analysis in C, C++, C++/CLI, C++/CX, C#. Plugin for Visual Studio 2010-2015. Integration with SonarQube, QtCreator, CLion, Eclipse CDT, Anjuta DevStudio and so on. Standalone utility. Direct integration of the analyzer into the systems of build automation and the BlameNotifier utility (e-mail notification). Automatic analysis of modified files. Great scalability. Why do people need code analyzers?
Viva64: working up of 64-bit applicationsPVS-Studio
Viva64 - is a tool for searching of errors and possible problems at C/C ++ code at the applications port on the 64-bit platform. Nowadays when the necessity of the 64-bit versions software output is realized by the most of the developers, it is too important to be sure of the working up product quality. Even if the traditional 32-bit version of your product has been tested carefully, its portability on the 64-bit platform may reveal some unexpected problems. Some separate items are devoted to the applications portability problems, and this one tells how to provide the necessary level of the code quality with the help the static analyzer Viva64.
A Collection of Examples of 64-bit Errors in Real ProgramsAndrey Karpov
This article is the most complete collection of examples of 64-bit errors in the C and C++ languages. The article is intended for Windows-application developers who use Visual C++, however, it will be useful for other programmers as well.
A Collection of Examples of 64-bit Errors in Real ProgramsPVS-Studio
This article is the most complete collection of examples of 64-bit errors in the C and C++ languages. The article is intended for Windows-application developers who use Visual C++, however, it will be useful for other programmers as well.
Undefined behavior is closer than you thinkAndrey Karpov
Some people think that undefined behavior is caused only by gross errors (accessing outside the bounds of the array, for instance) or inadequate constructions (i = i++ + ++i, for example). That's why it is quite surprising when a programmer sees undefined behavior in the code that used to work correctly, without arousing any suspicion. One should never let his guard down, programming in C/C++. Because hell is closer than you may think.
100 bugs in Open Source C/C++ projects Andrey Karpov
This article demonstrates capabilities of the static code analysis methodology. The readers are offered to study the samples of one hundred errors found in open-source projects in C/C++.
This article demonstrates capabilities of the static code analysis methodology. The readers are offered to study the samples of one hundred errors found in open-source projects in C/C++. All the errors have been found with the PVS-Studio static code analyzer.
I just cannot pass by the source code of ICQ messenger. It is a kind of a cult project, and when I saw the source code on GitHub, it was just a matter of time, when we will check it with PVS-Studio. Of course, we have a lot of other interesting projects that are waiting to be checked. For example, we have recently checked GCC, GDB, Mono. Finally, it's the turn of ICQ.
Even if you correct all compilation errors and warnings, it does not mean that a 64-bit application will work well. So it is the description and diagnosis of 64-bit errors that we will deal with in the most lessons of our course. And one more thing - do not rely on the switch /Wp64 which is described by many people (often unreasonably) in forum discussions as a wonderful tool able to find 64-bit errors.
One of the main problems with C++ is having a huge number of constructions whose behavior is undefined, or is just unexpected for a programmer. We often come across them when using our static analyzer on various projects. But, as we all know, the best thing is to detect errors at the compilation stage. Let's see which techniques in modern C++ help writing not only simple and clear code, but make it safer and more reliable.
How to make fewer errors at the stage of code writing. Part N1.PVS-Studio
I've arrived at the source code of a widely know instant messenger Miranda IM. Together with various plugins, this is a rather large project whose size is about 950 thousand code lines in C and C++. And like any other considerable project with a long development history, it has rather many errors and misprints.
20 issues of porting C++ code on the 64-bit platformPVS-Studio
Program errors occurring while porting C++ code from 32-bit platforms on 64-bit ones are observed. Examples of the incorrect code and the ways to correct it are given. Methods and means of the code analysis which allow to diagnose the errors discussed, are listed.
64-bit computers have been around and well for a long time already. Most applications have 64-bit versions that can benefit from larger memory capacity and improved performance thanks to the architectural capabilities of 64-bit processors. Developing 64-bit application in C/C++ requires much attention from a programmer. There is a number of reasons for 32-bit code to fail to work properly when recompiled for the 64-bit platform. There are a lot of articles on this subject, so we will focus on some other thing. Let's find out if the new features introduced in C++11 have made 64-bit software programmers' life any better and easier.
Note. The article was originally published in Software Developer's Journal (April 25, 2014) and is published here by the editors' permission.
64-Bit Code in 2015: New in the Diagnostics of Possible IssuesPVS-Studio
64-bit issues are pretty hard to detect because they are like a timebomb: it may take quite a while before they show up. The PVS-Studio static analyzer makes it easier to find and fix such errors. But we have made even a few more steps forward: we have recently revised with more care the 64-bit diagnostics implemented in our tool, which resulted in changing their distribution among severity levels. In this article, I'm going to tell you about these changes and how it affected the tool handling and bug search. You will also find real-life examples of 64-bit errors.
Development of a static code analyzer for detecting errors of porting program...PVS-Studio
The article concerns the task of developing a program tool called static analyzer. The tool being developed is used for diagnosing potentially unsafe syntactic structures of C++ from the viewpoint of porting program code on 64-bit systems. Here we focus not on the problems of porting occurring in programs, but on the peculiarities of creating a specialized code analyzer. The analyzer is intended for working with the code of C/C++ programs.
Static code analysis for verification of the 64-bit applicationsPVS-Studio
The coming of 64-bit processors to the PC market causes a problem which the developers have to solve: the old 32-bit applications should be ported to the new platform. After such code migration an application may behave incorrectly. The article is elucidating question of development and appliance of static code analyzer for checking out of the correctness of such application. Some problems emerging in applications after recompiling in 64-bit systems are considered in this article as well as the rules according to which the code check up is performed.
I often hear in various interpretations the phrase: "The given examples show not the code incorrect from the viewpoint of porting to x64 systems, but the code incorrect in itself". I would like to discuss and theorize a bit on this point in the blog. Please, take this note with a bit of humor.
I read a post recently about a check of the LibRaw project performed by Coverity SCAN. It stated that nothing interesting had been found. So I decided to try our analyzer PVS-Studio on it.
In this article, we will speak about the static analysis of the doxygen documentation generator tool. This popular and widely used project, which, as its authors claim, not without reason, has become "the de facto standard tool for generating documentation from annotated C++ sources", has never been scanned by PVS-Studio before. Doxygen scans the program source code and generates the documentation relying on it. Now it's time for us to peep into its source files and see if PVS-Studio can find any interesting bugs there.
Performs code analysis in C, C++, C++/CLI, C++/CX, C#. Plugin for Visual Studio 2010-2015. Integration with SonarQube, QtCreator, CLion, Eclipse CDT, Anjuta DevStudio and so on. Standalone utility. Direct integration of the analyzer into the systems of build automation and the BlameNotifier utility (e-mail notification). Automatic analysis of modified files. Great scalability. Why do people need code analyzers?
Viva64: working up of 64-bit applicationsPVS-Studio
Viva64 - is a tool for searching of errors and possible problems at C/C ++ code at the applications port on the 64-bit platform. Nowadays when the necessity of the 64-bit versions software output is realized by the most of the developers, it is too important to be sure of the working up product quality. Even if the traditional 32-bit version of your product has been tested carefully, its portability on the 64-bit platform may reveal some unexpected problems. Some separate items are devoted to the applications portability problems, and this one tells how to provide the necessary level of the code quality with the help the static analyzer Viva64.
Similar to Monitoring a program that monitors computer networks (20)
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Monitoring a program that monitors computer networks
1. Monitoring a program that monitors
computer networks
Author: Andrey Karpov
Date: 28.05.2013
There exists the NetXMS project, which is a software product designed to monitor computer systems
and networks. It can be used to monitor the whole IT-infrastructure, from SNMP-compatible devices to
server software. And I am naturally going to monitor the code of this project with the PVS-Studio
analyzer.
About NetXMS in brief
Links:
• Description in Wikipedia: NetXMS
• Website: http://www.netxms.org/
The NetXMS project is an open-source project distributed under the GNU General Public License v2. The
code is written in the languages C, C++ and Java.
The project depends on a number of third-party libraries. To be honest, I felt too lazy to download some
of them to get the project built. That's why it was checked not in full. Nevertheless, it doesn't prevent
me from writing this post: my analysis is superficial anyway. It will be much better if the project's
authors check it themselves. They are welcome to write to our support service: I will generate a
temporary registration key for the PVS-Studio analyzer so that they could analyze it more thoroughly.
64-bit errors
In the articles describing checks of open-source projects, I let myself be carried away with citing general
errors. But 64-bit errors have not disappeared; they can be found everywhere. They are just not that
interesting to discuss. When you show null pointer dereferencing, the bug is obvious. When you tell that
a 32-bit variable can overflow in a 64-bit application, it's not that interesting. A coincidence of some
certain circumstances must happen for such an error to occur; so you have to speak of it as a "potential
error".
Moreover, it's much more difficult to detect 64-bit bugs. The rule set designed for 64-bit error detection
produces a whole lot of false positives. The analyzer doesn't know the permissible range of input values
and attacks everything it finds at least a bit suspicious. To find really dangerous fragments, you have to
review a lot of messages; this is the only way to make sure that the program has been correctly ported
to the 64-bit platform. It is especially true for applications that use more than 4 Gbytes of memory.
So, to be brief, writing articles about catching common bugs is much easier than writing about catching
64-bit ones. But this time I overcame my laziness and found several dangerous fragments of that kind.
Let's start with them.
2. 64-bit error N1
BOOL SortItems(...., _In_ DWORD_PTR dwData);
void CLastValuesView::OnListViewColumnClick(....)
{
....
m_wndListCtrl.SortItems(CompareItems, (DWORD)this);
....
}
V220 Suspicious sequence of types castings: memsize -> 32-bit integer -> memsize. The value being
casted: 'this'. lastvaluesview.cpp 716
Earlier, in 32-bit systems, the pointer's size was 4 bytes. When you needed to save or pass a pointer as
an integer type, you used the types DWORD, UINT and so on. In 64-bit systems the pointer's size has
grown to 8 bytes. To store them in integer variables the types DWORD_PTR, UINT_PTR and some others
were created. Function interfaces have changed accordingly. Note the way the SortItems() function is
declared in the first line of the sample.
Unfortunately, the program still contains a conversion of a pointer to the 32-bit DWORD type. The
program is compiled successfully. The pointer is explicitly cast to the 32-bit DWORD type and then
inexplicitly extended to DWORD_PTR. The worst thing is that the program works well in most cases.
It will work until the CLastValuesView class's instances are created within the 4 low-order Gbytes of
memory - that is, almost always. But it might happen that the program needs more memory. Or,
memory fragmentation happens after a long run. The object will then be created outside the 4 Gbytes,
and the error will reveal itself. The pointer will lose the 32 high-order bits, and the program's behavior
will become undefined.
The bug is very easy to fix:
m_wndListCtrl.SortItems(CompareItems, (DWORD_PTR)this);
There are some other fragments with similar type conversions:
• mibbrowserdlg.cpp 160
• lastvaluesview.cpp 232
• graphdatapage.cpp 370
• graphdatapage.cpp 330
• graphdatapage.cpp 268
• graphdatapage.cpp 172
• controlpanel.cpp 126
Each of these is a sliest bug; they are often very hard to reproduce. As a result, you get VERY RARE
crashes after a long run.
3. 64-bit error N2
The next error seems to be not that critical. A poorly calculated hash code, however, can cause search
algorithms to slow down.
static int hash_void_ptr(void *ptr)
{
int hash;
int i;
/* I took this hash function just off the top of my head,
I have no idea whether it is bad or very bad. */
hash = 0;
for (i = 0; i < (int)sizeof(ptr)*8 / TABLE_BITS; i++)
{
hash ^= (unsigned long)ptr >> i*8;
hash += i * 17;
hash &= TABLE_MASK;
}
return hash;
}
V205 Explicit conversion of pointer type to 32-bit integer type: (unsigned long) ptr xmalloc.c 85
The author writes in the comment that he is not sure if the function works well. And he's right. At the
least, here is a bug when casting the pointer to the 'unsigned long' type.
The data models used in Windows and Linux systems are different. In Linux, the LP64 data model is
accepted. In this model the 'long' type's size is 64 bits. Thus, this code will work as intended under Linux
systems.
In Win64, the 'unsigned long' type's size is 32 bits. As a result, the high-order part of the pointer gets
lost, and the hash is calculated not that well.
64-bit error N3
It is not solely because of explicit type conversions that 64-bit errors occur. But errors of this type are
much easier to detect - for me as well. That's why let's have a look at one more poor type conversion.
static int ipfix_print_newmsg(....)
{
4. ....
strftime(timebuf, 40, "%Y-%m-%d %T %Z",
localtime( (const time_t *) &(hdr->u.nf9.unixtime) ));
....
}
V114 Dangerous explicit type pointer conversion: (const time_t *) & (hdr->u.nf9.unixtime) ipfix_print.c
68
This is how the 'unixtime' class's member is declared:
uint32_t unixtime; /* seconds since 1970 */
And this is how the type 'time_t' is declared:
#ifdef _USE_32BIT_TIME_T
typedef __time32_t time_t;
#else
typedef __time64_t time_t;
#endif
As far as I can tell, the _USE_32BIT_TIME_T macro is not declared anywhere in the project. I didn't
manage to find it, at least. It means that the localtime() function must handle time values represented
by 64-bit variables, while it is an address of a 32-bit variable that is passed into the function in our
sample. It's no good. The function localtime() will be handling trash.
I suppose the readers can see now why I'm not fond of writing about 64-bit errors. They are too plain
and unconvincing. I don't feel like going on to search for other samples to show you at all. Let's instead
study some general bugs. They look much more impressive and dangerous.
Nevertheless, 64-bit errors still exist, and if you care about the quality of your 64-bit code, I advise you
to keep the viva64 diagnostic rule set at hand. These errors will stay hidden for a longer time than
common bugs. For you to get scared, I recommend the following reading for the night:
• A Collection of Examples of 64-bit Errors in Real Programs
• 64-bit Lessons. Lesson 24. Phantom errors.
Errors when handling the SOCKET type
In Linux, the SOCKET type is declared as a signed variable. In Windows, this type is unsigned:
typedef UINT_PTR SOCKET;
5. This difference often causes bugs in Windows programs.
static int DoRadiusAuth(....)
{
SOCKET sockfd;
....
// Open a socket.
sockfd = socket(AF_INET, SOCK_DGRAM, 0);
if (sockfd < 0)
{
DbgPrintf(3, _T("RADIUS: Cannot create socket"));
pairfree(req);
return 5;
}
....
}
V547 Expression 'sockfd < 0' is always false. Unsigned type value is never < 0. radius.cpp 682
The 'sockfd' variable is of the UINT_PTR type. It results in that the 'sockfd < 0' condition never holds
when the program runs under Windows. The program will try in vain to handle the socket which has not
been opened.
You should fight your laziness and use special constants. This is what the code should look like:
if (sockfd == SOCKET_ERROR)
Similar incorrect checks can be found in the following fragments:
• ipfix.c 845
• ipfix.c 962
• ipfix.c 1013
• ipfix.c 1143
• ipfix.c 1169
• ipfix_col.c 1404
• ipfix_col.c 2025
A potential array overrun
int ipfix_snprint_string(....)
6. {
size_t i;
uint8_t *in = (uint8_t*) data;
for( i=len-1; i>=0; i-- ) {
if ( in[i] == '0' ) {
return snprintf( str, size, "%s", in );
}
}
....
}
V547 Expression 'i >= 0' is always true. Unsigned type value is always >= 0. ipfix.c 488
The 'i' variable has the size_t type. It means that the check "i>=0" is pointless. If zero is not found on the
stack, the function will start reading memory far outside the array's boundaries. Consequences of this
may be very diverse.
One more error when handling unsigned types
bool CatalystDriver::isDeviceSupported(....)
{
DWORD value = 0;
if (SnmpGet(snmp->getSnmpVersion(), snmp,
_T(".1.3.6.1.4.1.9.5.1.2.14.0"),
NULL, 0, &value, sizeof(DWORD), 0)
!= SNMP_ERR_SUCCESS)
return false;
// Catalyst 3550 can return 0 as number of slots
return value >= 0;
}
V547 Expression 'value >= 0' is always true. Unsigned type value is always >= 0. catalyst.cpp 71
7. Half-cleared buffers
One of the most common error patterns is confusion of WCHAR strings' sizes. You can find quite a
number of examples in our bug database.
typedef WCHAR TCHAR, *PTCHAR;
static BOOL MatchProcess(....)
{
....
TCHAR commandLine[MAX_PATH];
....
memset(commandLine, 0, MAX_PATH);
....
}
V512 A call of the 'memset' function will lead to underflow of the buffer 'commandLine'. procinfo.cpp
278
The TCHAR type is expanded into the WCHAR type. The number of characters in the array
'commandLine' equals the value MAX_PATH. The size of this array is 'MAX_PATH * sizeof(TCHAR). The
'memset' function handles bytes. It means that the mechanism needed to correctly clear the buffer
should look like this:
memset(commandLine, 0, MAX_PATH * sizeof(TCHAR));
An even better way is to make it like this:
memset(commandLine, 0, sizeof(commandLine));
The CToolBox class is sick in the same way:
typedef WCHAR TCHAR, *PTCHAR;
#define MAX_TOOLBOX_TITLE 64
TCHAR m_szTitle[MAX_TOOLBOX_TITLE];
CToolBox::CToolBox()
{
memset(m_szTitle, 0, MAX_TOOLBOX_TITLE);
}
V512 A call of the 'memset' function will lead to underflow of the buffer 'm_szTitle'. toolbox.cpp 28
8. Copy-paste
In the findIpAddress() function, a null pointer may get dereferenced. The reason is a copied-and-pasted
line.
void ClientSession::findIpAddress(CSCPMessage *request)
{
....
if (subnet != NULL)
{
debugPrintf(5, _T("findIpAddress(%s): found subnet %s"),
ipAddrText, subnet->Name());
found = subnet->findMacAddress(ipAddr, macAddr);
}
else
{
debugPrintf(5, _T("findIpAddress(%s): subnet not found"),
ipAddrText, subnet->Name());
}
....
}
V522 Dereferencing of the null pointer 'subnet' might take place. session.cpp 10823
The call of the debugPrintf() function was obviously copied. But the call in the 'else' branch is incorrect.
The pointer 'subnet' equals NULL. It means that you cannot write "subnet->Name()".
A misprint
#define CF_AUTO_UNBIND 0x00000002
bool isAutoUnbindEnabled()
{
return ((m_flags & (CF_AUTO_UNBIND | CF_AUTO_UNBIND)) ==
(CF_AUTO_UNBIND | CF_AUTO_UNBIND)) ? true : false;
}
V578 An odd bitwise operation detected: m_flags & (0x00000002 | 0x00000002). Consider verifying it.
nms_objects.h 1410
9. The expression (CF_AUTO_UNBIND | CF_AUTO_UNBIND) is very strange. It seems that two different
constants should be used here.
Unexpected optimization
void I_SHA1Final(....)
{
unsigned char finalcount[8];
....
memset(finalcount, 0, 8);
SHA1Transform(context->state, context->buffer);
}
V597 The compiler could delete the 'memset' function call, which is used to flush 'finalcount' buffer. The
RtlSecureZeroMemory() function should be used to erase the private data. sha1.cpp 233
In functions related to cryptography, it is an accepted practice to clear temporary buffers. If you don't
do that, consequences may be interesting: for instance, a fragment of classified information may be
unintentionally sent to the network. Read the article "Overwriting memory - why?" to find out the
details.
The function memset() is often used to clear memory. It is incorrect. If the array is not being used after
the clearing, the compiler may delete the function memset() for the purpose of optimization. To prevent
this you should use the function RtlSecureZeroMemory().
Using uninitialized variables
Many programmers are convinced that use of uninitialized variables is the most annoying and frequent
bug. Judging by my experience of checking various projects, I don't believe it's true. This bug is very
much discussed in books and articles. Thanks to that, everybody knows what uninitialized variables are,
what is dangerous about them, how to avoid and how to find them. But personally I feel that much
more errors are caused, say, through using Copy-Paste. But, of course, it doesn't mean that uninitialized
variables are defeated. Here they are.
int OdbcDisconnect(void* pvSqlCtx)
{
....
SQLRETURN nSqlRet;
....
if (nRet == SUCCESS)
{
10. ....
nSqlRet = SQLDisconnect(pSqlCtx->hDbc);
....
}
if (SQLRET_FAIL(nSqlRet))
....
}
V614 Potentially uninitialized variable 'nSqlRet' used. odbcsapi.cpp 220
The nSqlRet variable becomes initialized only if we get into the 'if' operator's body. But it is checked
after that all the time. It results in this variable's sometimes storing a random value.
Here are some other places where variables may be initialized not all the time:
• session.cpp 2112
• session.cpp 7525
• session.cpp 7659
• functions.cpp 386
• unlock.cpp 63
• alarmbrowser.cpp 539
A pointer is first used and then checked for being a null pointer
It is a very common situation that due to refactoring a pointer check is put after a pointer dereferencing
operation in the program text. A lot of examples can be found here.
To detect this error pattern the V595 diagnostic is used. The number of such defects found in code often
reaches many dozens. To NetXMS's credit, however, I noticed only one code fragment of that kind:
DWORD SNMP_PDU::encodeV3SecurityParameters(....,
SNMP_SecurityContext *securityContext)
{
....
DWORD engineBoots =
securityContext->getAuthoritativeEngine().getBoots();
DWORD engineTime =
securityContext->getAuthoritativeEngine().getTime();
if ((securityContext != NULL) &&
11. (securityContext->getSecurityModel() ==
SNMP_SECURITY_MODEL_USM))
{
....
}
V595 The 'securityContext' pointer was utilized before it was verified against nullptr. Check lines: 1159,
1162. pdu.cpp 1159
There were some other V595 warnings, but I found them too unconvincing to mention in the article.
Those must be just unnecessary checks.
A bug when using variadic functions
Errors occurring when using the printf() and other similar functions are classic ones. The reason is that
variadic functions don't control the types of the arguments being passed.
#define _ftprintf fwprintf
static __inline char * __CRTDECL ctime(const time_t * _Time);
BOOL LIBNETXMS_EXPORTABLE SEHServiceExceptionHandler(....)
{
....
_ftprintf(m_pExInfoFile,
_T("%s CRASH DUMPn%sn"),
szProcNameUppercase,
ctime(&t));
....
}
V576 Incorrect format. Consider checking the fourth actual argument of the 'fwprintf' function. The
pointer to string of wchar_t type symbols is expected. seh.cpp 292
The _ftprintf() macro is expanded into the function fwprintf(). The format string specifies that strings of
the 'wchar_t *' type must be passed into the function. But the ctime() function returns a string
consisting of 'char' characters. This bug must be left unnoticed, as it is situated inside the error handler.
Here are two more errors of that kind:
• nxpush.cpp 193
• nxpush.cpp 235
12. It is not taken into account that the 'new' operator throws exceptions
when there is memory shortage
The 'new' operator earlier used to return 'NULL' when it failed to allocate memory. Now it throws an
exception. Many programs don't take this change into account. It doesn't matter sometimes, but in
some cases it may cause failures. Take a look at the following code fragment from the NetXMS project:
PRectangle CallTip::CallTipStart(....)
{
....
val = new char[strlen(defn) + 1];
if (!val)
return PRectangle();
....
}
V668 There is no sense in testing the 'val' pointer against null, as the memory was allocated using the
'new' operator. The exception will be generated in the case of memory allocation error. calltip.cpp 260
The empty object 'PRectangle' was returned earlier if memory couldn't be allocated. Now an exception
is generated when there is memory shortage. I don't know whether or not this behavior change is
critical. Anyway, checking the pointer for being a null pointer doesn't seem reasonable anymore.
We should either remove the checks or use the 'new' operator that doesn't throw exceptions and
returns zero:
val = new (std::nothrow) char[strlen(defn) + 1];
The PVS-Studio analyzer generates too many V668 warnings on the NetXMS project. Therefore I won't
overload the article with examples. Let's leave it up to the authors to check the project.
A strange loop
static bool MatchStringEngine(....)
{
....
// Handle "*?" case
while(*MPtr == _T('?'))
{
if (*SPtr != 0)
SPtr++;
13. else
return false;
MPtr++;
break;
}
....
}
V612 An unconditional 'break' within a loop. tools.cpp 280
The loop body is executed not more than once. The keyword 'break' inside it must be unnecessary.
Instead of the conclusion
I haven't drawn any new conclusions from the check of the NetXMS project. Errors are everywhere;
some of them can be found with static analysis - the earlier, the better.
I'll just give you some interesting and useful links instead of the conclusion:
• Why it is important to perform static analysis regularly, not in a single swoop like I've done in
this article: Static analysis is most efficient when being used regularly. We'll tell you why.
• Analysis results for other open-source projects: PVS-Studio and open-source software
• Download a full-function demo version of PVS-Studio: http://www.viva64.com/en/pvs-studio-
download/
• If you are involved in developing free open-source projects, we can give you a key to carry out
such a check. Write to us.