Siddhesh Poyarekar's contributions
Article
How to improve application security using _FORTIFY_SOURCE=3
Discover how to improve application and library security at the source with _FORTIFY_SOURCE macro defined to 3 and how it impacts performance.
Article
GCC's new fortification level: The gains and costs
Discover the gains and costs of GCC’s enhanced runtime buffer overflow protection. Level 3 _FORTIFY_SOURCE preprocessor macro may detect more buffer overflows, but there’s a cost.
Article
Use compiler flags for stack protection in GCC and Clang
Smash-stacking attacks are common, but the GCC and Clang compilers have a number of flags that can help defend against them. Read on for more info.
Article
Securing malloc in glibc: Why malloc hooks had to go
Read how memory allocation, or malloc hooks, were unsafe in multi-threaded environments and why they were removed from the GNU C Library, or glibc.
Article
Mostly harmless: An account of pseudo-normal floating point numbers
Pseudo-normal numbers represent a gap in floating point number classification in the long double format on Intel x86. Find out how glibc and GCC address it.
Article
Broadening compiler checks for buffer overflows in _FORTIFY_SOURCE
The GNU C Library's 2.33 release adds buffer overflow protection for C/C++ programs. Find out how _FORTIFY_SOURCE=3 improves overflow protection in glibc.
Article
Malloc systemtap probes: an example
One feedback I got from my blog post on Understanding malloc behavior using Systemtap userspace probes was that I should have included an example script to explain how this works. Well, better late than never, so here's an example script. This script prints some diagnostic information during a program run and also logs some information to print out a summary at the end. I'll go through the script a few related probes at a time. global sbrk, waits, arenalist, mmap_threshold...
Article
Improving math performance in glibc
Update: Vincent Lefèvre helpfully pointed out that I had linked to the incorrect Worst Cases paper. That link is now fixed. Update 2: Dan Courcy pointed out that my equation in the "Multiplying zeroes" section had an error, which I have now fixed. Mathematical function implementations usually have to trade off between speed of computation and the accuracy of the result. This is especially true for transcendentals (i.e. the exponential and trigonometric functions), where results often have to be computed...
How to improve application security using _FORTIFY_SOURCE=3
Discover how to improve application and library security at the source with _FORTIFY_SOURCE macro defined to 3 and how it impacts performance.
GCC's new fortification level: The gains and costs
Discover the gains and costs of GCC’s enhanced runtime buffer overflow protection. Level 3 _FORTIFY_SOURCE preprocessor macro may detect more buffer overflows, but there’s a cost.
Use compiler flags for stack protection in GCC and Clang
Smash-stacking attacks are common, but the GCC and Clang compilers have a number of flags that can help defend against them. Read on for more info.
Securing malloc in glibc: Why malloc hooks had to go
Read how memory allocation, or malloc hooks, were unsafe in multi-threaded environments and why they were removed from the GNU C Library, or glibc.
Mostly harmless: An account of pseudo-normal floating point numbers
Pseudo-normal numbers represent a gap in floating point number classification in the long double format on Intel x86. Find out how glibc and GCC address it.
Broadening compiler checks for buffer overflows in _FORTIFY_SOURCE
The GNU C Library's 2.33 release adds buffer overflow protection for C/C++ programs. Find out how _FORTIFY_SOURCE=3 improves overflow protection in glibc.
Malloc systemtap probes: an example
