Friday, March 28, 2014

Uspace: Stack corruption and overflow tests & results


Stack Overflow Experiments & Results

TBD.

Stack Corruption Experiments & Results

I used the following code to experiment with user-space stack corruption.


        #include <stdio.h>
        #include <string.h>

        void corrupt_stack(char* str, char *buf1)
        {
            char buf[4];
            /* If input str is longer than 4 bytes (including the
               terminating NUL), this results in stack corruption. */
            strcpy(buf, str);
            strcpy(buf1, str);
        }

        int main(void)
        {
            char buf1[100];
            char buf2[100];

            printf("Enter the buffer: \r\n");
            /* Bound the read so the only overflow is the intended one
               in corrupt_stack(). */
            scanf("%99s", buf2);
            corrupt_stack(buf2, buf1);
            printf("Survived Stack corruption \r\n");
            return 0;
        }


Stack corruption experiment when -fstack-protector is disabled:


root@babu-VirtualBox:~/tools/stk_corruption# gcc -fno-stack-protector stk_corrupt.c -o stk_corrupt
root@babu-VirtualBox:~/tools/stk_corruption# ./stk_corrupt
Enter the buffer:
sdsadsjsdfsdjfsdfjlskfj
Segmentation fault (core dumped)
root@babu-VirtualBox:~/tools/stk_corruption# 

Stack corruption experiment when -fstack-protector is enabled:

root@babu-VirtualBox:~/tools/stk_corruption# gcc -fstack-protector stk_corrupt.c -o stk_corrupt
root@babu-VirtualBox:~/tools/stk_corruption# ./stk_corrupt
Enter the buffer:
asd
Survived Stack corruption
root@babu-VirtualBox:~/tools/stk_corruption#
root@babu-VirtualBox:~/tools/stk_corruption#
root@babu-VirtualBox:~/tools/stk_corruption# ./stk_corrupt
Enter the buffer:
asdfgg
*** stack smashing detected ***: ./stk_corrupt terminated
Aborted (core dumped)
root@babu-VirtualBox:~/tools/stk_corruption# 

So, -fstack-protector has helped to clearly identify that the segmentation fault is due to a stack overflow.
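
The model below is an added example, not code from the original post or from GCC. It simulates the guard-value check that -fstack-protector performs around corrupt_stack(), to show why "asd" survives while "asdfgg" is caught. The frame layout, the constants and the names run_frame and frame_state are assumptions made for illustration; the real layout depends on compiler and architecture.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE   4                       /* same as buf[4] in corrupt_stack() */
#define FRAME_SIZE (BUF_SIZE + 2 * sizeof(uint64_t))

/* Constructed values; a real guard is chosen at random when the process starts. */
static const uint64_t GUARD    = 0x5eedc0ffee1234a5ULL;
static const uint64_t RET_SLOT = 0x1122334455667788ULL;

struct frame_state { int guard_ok; int ret_ok; };

/* Model one call of corrupt_stack(): lay out [buf][guard][return slot],
 * perform the unchecked copy, then run the epilogue check. */
struct frame_state run_frame(const char *input)
{
    unsigned char frame[FRAME_SIZE];
    uint64_t guard_now, ret_now;
    size_t n = strlen(input) + 1;          /* strcpy copies the NUL too */
    struct frame_state st;

    /* Prologue: the guard sits between the local buffer and the return slot. */
    memcpy(frame + BUF_SIZE, &GUARD, sizeof GUARD);
    memcpy(frame + BUF_SIZE + sizeof GUARD, &RET_SLOT, sizeof RET_SLOT);

    /* Body: strcpy(buf, str) has no bound; the model clamps the copy to its
     * own frame so that the simulation itself stays inside the array. */
    if (n > FRAME_SIZE)
        n = FRAME_SIZE;
    memcpy(frame, input, n);

    /* Epilogue: re-read the guard before the return slot would be used. */
    memcpy(&guard_now, frame + BUF_SIZE, sizeof guard_now);
    memcpy(&ret_now, frame + BUF_SIZE + sizeof GUARD, sizeof ret_now);
    st.guard_ok = (guard_now == GUARD);
    st.ret_ok = (ret_now == RET_SLOT);
    return st;
}

int main(void)
{
    const char *inputs[] = { "asd", "asdfgg", "sdsadsjsdfsdjfsdfjlskfj" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        struct frame_state st = run_frame(inputs[i]);
        printf("%-24s guard %s, return slot %s\n", inputs[i],
               st.guard_ok ? "intact" : "smashed", st.ret_ok ? "intact" : "overwritten");
    }
    return 0;
}
```

In this model the short overflow changes only the guard, which is the case where the protector turns silent corruption into an immediate, clearly labelled abort.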

