Insure++, A Source Code Instrumentor
Summary
Insure++ is a C source code instrumentor that can verify memory accesses.
It is a debugging tool, but since many vulnerabilities result from bugs,
it can also be used as a security tool. The source code of the program
being checked is required. Like other tools of this kind, Insure works
by adding code that prints error messages when a bad memory access is made.
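As an added illustration of that approach (not code from Insure++ or its documentation), the C sketch below shows hand-written checks of the kind an instrumentor inserts around allocations and memory accesses. All chk_* names are hypothetical, and only heap blocks are tracked.

```c
/* Added illustration with hypothetical names; not Insure++ output. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

struct block { uintptr_t base; size_t size; int live; };
static struct block blocks[64];   /* registry of tracked heap blocks */
static int nblocks;
static int report(const char *what, const char *file, int line) {
    fprintf(stderr, "%s:%d: %s\n", file, line, what);
    return 0;
}
/* Stands in for malloc(): records the block so accesses can be checked. */
void *chk_malloc(size_t n) {
    void *p = malloc(n);
    if (p && nblocks < 64) blocks[nblocks++] = (struct block){ (uintptr_t)p, n, 1 };
    return p;
}
/* Inserted before each access: 1 if [p, p+len) lies inside a live block.
   A one-past-the-end pointer is still attributed to its block. */
int chk_access(const void *p, size_t len, const char *file, int line) {
    uintptr_t a = (uintptr_t)p;
    for (int i = 0; i < nblocks; i++) {
        struct block *b = &blocks[i];
        if (!b->live || a < b->base || a - b->base > b->size) continue;
        if (len <= b->size - (a - b->base)) return 1;
        return report("access runs past end of block", file, line);
    }
    return report("access through untracked pointer", file, line);
}
/* Stands in for free(): rejects pointers that are not a live block start. */
int chk_free(void *p, const char *file, int line) {
    for (int i = 0; i < nblocks; i++)
        if (blocks[i].live && blocks[i].base == (uintptr_t)p) {
            blocks[i].live = 0; free(p); return 1;
        }
    return report("free of pointer not from allocator", file, line);
}
/* Run at exit: number of blocks never freed (leaks). */
int chk_leaks(void) {
    int n = 0;
    for (int i = 0; i < nblocks; i++) n += blocks[i].live;
    return n;
}
int main(void) {
    char *buf = chk_malloc(8); if (!buf) return 2;
    /* original: buf[8] = 'x';  instrumented form of that statement: */
    if (chk_access(buf + 8, 1, __FILE__, __LINE__)) buf[8] = 'x';
    return chk_leaks();  /* exit status 1: buf is never freed */
}
```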
According to Insure's web page, the different kinds of "bad memory accesses"
Insure catches are:
- Memory corruption due to reading or writing beyond the valid areas
of global, local, shared, and dynamically allocated objects.
- Operations on uninitialized, NULL, or "wild" pointers.
- Memory leaks.
- Errors allocating and freeing dynamic memory.
- String manipulation errors.
- Operations on pointers to unrelated data blocks.
- Invalid pointer operations.
- Incompatible variable declarations.
- Mismatched variable types in printf and scanf argument lists.
Insure also checks all library function usage for the following errors:
- Mismatched argument types or function declarations.
- Out of range, or otherwise invalid arguments in library calls.
- Errors returned by library calls.
URL: http://www.parasoft.com/products/insure/index.htm
Notes
Insure works on Windows and UNIX-like systems on the x86 architecture.
Pros:
- Helps security personnel and developers find common programming
mistakes that account for a large number of vulnerabilities.
- It looks like a high-quality product.
Cons:
- Requires a program's source code.
- The Insight web page is very sales-pitchy. It is very difficult to
get useful information about the product. For example, the main page
makes the bold claim that it can detect the following kinds of "errors":
- Algorithmic errors
- Program optimization
- Program understanding
- Coverage analysis
The last three aren't even errors; they are things Insure does for the
programmer, not something it is trying to fix. Also, it probably
can't fix algorithmic errors the way most programmers understand the
term. In reality, Insure will only be able to detect memory access
problems and error codes from library functions.
- There are free, although less refined, alternatives. See the
URLs below.
Possible Alternatives
Chaperon
Memwatch
Electric Fence
Rating: Worth looking at.
Classification
- Static or dynamic: static
- Modified library or instrumenting: instrumenting
- Testing or production env: testing
- Opaque or clear or cloudy view of the system: clear
- List-based or heuristic: The web page makes ambiguous and sometimes
contradictory claims about how it works and what it does. It is hard
to decide whether it is list-based or heuristic. Bias is toward list-based.
- Conservative or liberal: conservative
- Concurrent or stand-alone: stand-alone
- Alert or advice: Hard to say.
Evaluated by Patrick LeBlanc on 8/16/00