Using “Sentry Bytes” to Detect Memory Overruns

Using “Sentry Bytes” to Detect Memory Overruns

One of the most frustrating aspects of debugging is detecting memory overruns. Some compilers (MS Visual C++ for instance) automatically add “sentry bytes” at the ends of every memory block allocated by operator new. The sentry bytes have a predefined value that the runtime system monitors. When the predefined value changes, this indicates that the program wrote to an out of bound memory address. Unfortunately, compilers apply this technique to heap memory exclusively. To detect memory overruns in stack memory, you can implement this technique manually. This code snippet writes one position beyond the last element of the array:

 void erratic(){  int arr[2];  for (int j= 0; j<3; j++) //this loop iterates one to many times      arr[j] = j;}

In its last iteration, the loop writes the value 2 to a memory address that is beyond the valid array bounds. This version of the previous code snippet uses two initialized sentry integers that are declared immediately before and after the original array. The values of the sentry integers are then examined to detect the memory overrun:

 void erratic(){#ifdef DEBUG  int before_sentry = -99;#endif  int arr[2]; //original array#ifdef DEBUG  int after_sentry = -99;#endif  for (int j= 0; j<3; j++)        arr[j] = j;#ifdef DEBUG  if (before_sentry != -99 )     throw X("memory overrun detected at right before arr, at function erratic");  if (after_sentry != -99 )  //true      throw X("memory overrun detected at right after arr, at function erratic");#endif}

Instead of writing the extra test code manually, you can use a clever macro that does this job for you. Note that this technique does not incur any runtime overhead in the release version.

Share the Post:
data observability

Data Observability Explained

Data is the lifeblood of any successful business, as it is the driving force behind critical decision-making, insight generation, and strategic development. However, due to its intricate nature, ensuring the

Heading photo, Metadata.

What is Metadata?

What is metadata? Well, It’s an odd concept to wrap your head around. Metadata is essentially the secondary layer of data that tracks details about the “regular” data. The regular

XDR solutions

The Benefits of Using XDR Solutions

Cybercriminals constantly adapt their strategies, developing newer, more powerful, and intelligent ways to attack your network. Since security professionals must innovate as well, more conventional endpoint detection solutions have evolved