Popular:
Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

C++ Memory Management: A Deep Dive into RAII

2025-03-09
C++ Memory Management: A Deep Dive into RAII

This is part two of a series on memory management in C++. This post focuses on RAII (Resource Acquisition Is Initialization), a powerful technique for simplifying and securing memory handling. The author contrasts C's manual memory allocation with C++'s more sophisticated approach, covering classes, objects, constructors, destructors, and containers. RAII automatically manages resource cleanup, reducing errors. The post also touches upon move semantics and previews the next installment on smart pointers.

Read more
(educatedguesswork.org)
Development

Understanding C Memory Management: A Deep Dive into Stacks, Heaps, and Leaks

2025-01-16
Understanding C Memory Management: A Deep Dive into Stacks, Heaps, and Leaks

This article provides a detailed explanation of C's memory management, starting with how programs use memory and progressing through the roles of the stack and heap, the usage of malloc() and free(), and the causes of memory leaks and Use After Free (UAF) vulnerabilities. Using a simple example, the author demonstrates manual memory management and explains the inner workings of a memory allocator (malloc), including memory fragmentation. Suitable for readers with some programming experience, this article enhances understanding of memory management and helps avoid common memory errors.

Read more
(educatedguesswork.org)
Development Stack Heap

The Software Trust Crisis: Why We Have to Trust Software (Mostly)

2024-12-31
The Software Trust Crisis: Why We Have to Trust Software (Mostly)

This article explores the difficult problem of trusting software. The author argues that even secure messaging apps rely on trust in the vendor; the sheer volume of code in open-source software makes review impractical; code signing verifies integrity but relies on user diligence and is easily circumvented. The article delves into vulnerabilities in the software supply chain, including code signing, blocklisting, auto-updates, and package managers. It introduces techniques like reproducible builds and binary transparency to enhance software trust, but ultimately concludes that this is a far-from-solved problem, leaving us with the uncomfortable reality of having to trust software vendors.

Read more
(educatedguesswork.org)
Tech code signing binary transparency