Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stack smashing protection #4

Open
danielsz opened this issue Jan 30, 2024 · 1 comment
Open

Stack smashing protection #4

danielsz opened this issue Jan 30, 2024 · 1 comment
Assignees
@matheusmoreira
Labels
enhancement New feature or request good first issue Good for newcomers

Comments

@danielsz
Copy link
Contributor

danielsz commented Jan 30, 2024
edited by matheusmoreira
Loading

GCC stack smashing protection references:

When stack smashing protection is turned on, the compiler generates some fairly simple code:

extern uintptr_t __stack_chk_guard;
noreturn void __stack_chk_fail(void);

void foo(const char* str)
{
	uintptr_t canary = __stack_chk_guard;

	/* ... */

	if ( (canary = canary ^ __stack_chk_guard) != 0 )
		__stack_chk_fail();
}

It looks like all we have to do is initialize __stack_chk_guard to a random number and provide a __stack_chk_fail function which exits the program. Linux provides 16 random bytes to every process via the auxiliary vector and lone already uses those to initialize its hash functions. It should be possible to use those random bytes to initialize the stack canary as well.

Originally posted by @matheusmoreira in #3 (comment)
@matheusmoreira matheusmoreira added enhancement New feature or request good first issue Good for newcomers labels Jan 30, 2024
@matheusmoreira matheusmoreira self-assigned this Jan 30, 2024
matheusmoreira added a commit that referenced this issue Jan 30, 2024
@matheusmoreira
make: disable stack smashing protection
d77cd16 
If the compiler's stack smashing protections are enabled,
references to the following symbols are emitted:

    __stack_chk_guard
    __stack_chk_fail

Since lone is freestanding and has no C library support,
those symbols are not defined and therefore the build
will be broken if stack smashing protection is enabled.
So ensure it is turned off in the makefile.

This is supposed to be a temporary solution.
The long term goal is to integrate lone with the
compiler's stack smashing protection machinery.
Progress towards this goal is tracked in issue #4.

Reported-by: Daniel Szmulewicz <[email protected]>
Tested-by: Daniel Szmulewicz <[email protected]>
Reviewed-by: Matheus Afonso Martins Moreira <[email protected]>
Signed-off-by: Matheus Afonso Martins Moreira <[email protected]>

GitHub-Pull-Request: #3
GitHub-Issue: #4
@matheusmoreira
Copy link
Collaborator

matheusmoreira commented Jan 31, 2024
edited
Loading

Possible implementation alternative: trapping stack smashing protector which eliminates the need to implement __stack_chk_fail. I've also requested the ability to rename these symbols.

@matheusmoreira matheusmoreira changed the title GCC stack smashing protection references: Stack smashing protection Feb 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@matheusmoreira matheusmoreira

Labels
enhancement New feature or request good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@matheusmoreira @danielsz