Greetings,
I just wanted to review some quick facts about security architecture and design, more specifically memory leaks. Its concept you should be familiar with if you plan on taking the Security+, CISSP, etc.
Characteristics of Memory Leaks
When programs are written in object oriented programming languages programmers need to allocation memory space for each object that is created in the program. Once the object is no longer required by the program its memory space should be de-allocated to free up memory resources for the system to use. Some programming languages does leaves that to the programmer to accomplish herself. Other languages provide that capability automatically with a built-in garbage collector. When programs are poorly written with objects using up memory and never releasing the memory back to the system we call this a memory leak. The memory leaks are considered a vulnerability and if discovered by hackers they can be exploited to crash the system in a denial of service attack.
One thing to keep in mind about memory leaks is that they are common in languages that have no built-in automatic garbage collection. Languages such as C and C++ lack a built-in automatic garbage collector and leaves it to the programmer to manage memory allocation. Java, C#, Haskell and a host of other modern languages automatically get rid of objects that are no longer required by the application. It is encourage to use the programming languages that have garbage collection automatically. Even experienced programmers can have a memory bugs in a program that contain thousands of lines of code.
If you are taking the CISSP examination just remember that memory leaks are common in C, C++, and other languages that lack an automatic garbage collector and it is uncommon with Java, C#, and other languages that do have built-in garbage collection.
No comments:
Post a Comment