Stack smash protection: Automated (de)bugging?

John Richard Moser nigelenki at comcast.net
Tue Jul 11 23:55:39 UTC 2006





Micah J. Cowan wrote:
> On Mon, Jul 10, 2006 at 11:57:09PM -0400, John Richard Moser wrote:
>> The interesting things I WANT the modified handler and code generator
>> for are:
>>
>>  * Automatically log stack smashing.  This can be done now, as far as
>>    "stack smash in /usr/bin/xmms"; but I want "stack smash in
>>    /usr/bin/xmms foo.c:bar() (Damage: 0xdeadbeef)"
>>
>>  * Alert the user at first stack smash, asking if he would like a stack
>>    smash detecting daemon to automatically send stack smash logs to
>>    Ubuntu.  This would pass enough information to Ubuntu (and then to
>>    upstream) to quickly find and fix highly obscure problems.
> 
> <snip>
> 
>> I may be really reaching here, but I think I may not be the only one who
>> would like this.  Does anyone else have any thoughts?  Good, bad,
>> flames, praise, support, comments on the gcc bugzilla, whatever.
> 
> It sounds like a terrific idea to me... I wish GCC had done this from
> the start, especially since ProPolice apparently had some of this in
> place already.
> 

Alright, well I've got the function I need to recreate the original
propolice behavior, I just have to get this tree generation whatever the
technobabble to attach the deltas of the function call parameter
thingymabobs to the call.

..........
..........

I gotta figure out how to get gcc-4.1.1/gcc/targhooks.c to spit out
basically __stack_chk_fail2(__FUNC__,__FILE__,__guard) instead of
__stack_chk_fail(), is what I mean.  Really curious as to how this thing
works; basically I'm staring at the code hoping it'll write itself or
something XD

Once that's done gcc is fine, upstream looks willing (if a little
reluctant) to take a patch if I can supply one, and I have chosen a
strategy that will avoid ABI breakage (keep __stack_chk_fail() and add a
new handler, so old protected code stays binary compatible).

As for down here, I'll have to look into some way to log safely.
Modification to glibc to open libssp0 [in some condition] with deep
binding will be a good quick-and-dirty; libssp0 will have to go into
/lib; and the modifications to log detected smashes can stay
distro-side.  I'll have a lot more fun with that part than I will
altering the tree generation stage to attach three variables (as a
friend explained it to me).


I'm just glad to see I'm not crazy.. or at least, that I'm not the only
crazy one.

--
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

    Creative brains are a valuable, limited resource. They shouldn't be
    wasted on re-inventing the wheel when there are so many fascinating
    new problems waiting out there.
                                                 -- Eric Steven Raymond

    We will enslave their women, eat their children and rape their
    cattle!
                  -- Bosc, Evil alien overlord from the fifth dimension
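The two-handler layout the post sketches, as an added illustration that is not GCC's, glibc's or the author's code: the old `__stack_chk_fail()` entry point stays (so already-compiled protected code keeps working), and a new handler carrying function, file and the value found in the guard slot produces the "file:func() (Damage: ...)" report. Names carry a `demo_` prefix so they do not collide with libc's real symbols; the canary value, the program name and the reading of "Damage" as the overwriting value are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-ins for the real guard and handlers (assumed names, not libc's). */
static uintptr_t demo_guard = 0x3c9f1e7bUL;   /* constructed canary value */
static char last_report[160];                 /* captured instead of syslog()/abort() */

/* Old ABI entry point: it receives no context, so the best it can say is
 * "stack smash in <program>". Kept unchanged for binary compatibility. */
void demo_stack_chk_fail(void) {
    snprintf(last_report, sizeof last_report, "stack smash in /usr/bin/xmms");
}

/* New handler with the (func, file, guard) arguments the post proposes.
 * "Damage" is taken here to mean the value that replaced the canary. */
void demo_stack_chk_fail2(const char *func, const char *file, uintptr_t found) {
    snprintf(last_report, sizeof last_report,
             "stack smash in /usr/bin/xmms %s:%s() (Damage: 0x%lx)",
             file, func, (unsigned long)found);
}

/* What an epilogue check looks like once the code generator emits the new
 * call: compare the saved slot with the guard, report with context on mismatch. */
#define DEMO_GUARD_CHECK(slot) \
    do { if ((slot) != demo_guard) demo_stack_chk_fail2(__func__, __FILE__, (slot)); } while (0)

/* Simulated protected frame. The canary slot is overwritten explicitly rather
 * than by a real overflow, so the program stays well-defined. Returns the
 * report text ("" when the check passes). */
const char *run_protected(int corrupt) {
    struct { char buf[16]; uintptr_t canary; } frame;
    frame.canary = demo_guard;                 /* prologue: store canary */
    memset(frame.buf, 'A', sizeof frame.buf);  /* ordinary use of the buffer */
    if (corrupt) frame.canary = 0xdeadbeef;    /* stand-in for a smashed slot */
    last_report[0] = '\0';
    DEMO_GUARD_CHECK(frame.canary);            /* epilogue: check before return */
    return last_report;
}

int main(void) {
    puts(run_protected(1));   /* prints the file:func() (Damage: 0xdeadbeef) line */
    return 0;
}
```

A real handler would still end in `abort()` after logging; here the report is captured in a buffer so the behaviour can be inspected.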




More information about the ubuntu-users mailing list