
Mechanisms for stack buffer overflow detection?

Compiling and running the following:

 #include <stdio.h>

 int main(void) {
  int array[10];     /* valid indices are 0..9 */
  array[10] = 2;     /* one-past-the-end write: stack buffer overrun */
  return 0;
 }

Which is, to my understanding, a stack overrun.

GCC does not seem to detect the problem.

Only when I compile using the additional flag -fstack-protector-all do I get the stack trace.

Is there a way to detect erroneous illegal memory access for a binary compiled and linked without the gcc flag -fstack-protector-all, or will it run normally and the process then access memory which does not belong to it?

First of all, many modern distros will enable -fstack-protector and other security measures ( _FORTIFY_SOURCE , -fPIE , etc.) by default, so your program will get some protection even without you asking for it.

Secondly, if that's not the case and the buffer overflow results in a really bad error (e.g. accessing invalid memory or overwriting the return address), the kernel will kill the application and dump core.

More subtle errors (which cause the program to malfunction, but not in obvious ways) will go undetected though. There's no way to diagnose them without e.g. recompiling with ASan.

PS Keep in mind that simple one-line buffer overflows like the one in your question tend to be optimized out by the compiler. My GCC 5.4.0 simply dropped the access to array[10] .
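As an added example (not part of the question or the answer above), the following C program makes the overrun from the question observable instead of letting the compiler drop it as a dead store: the index comes from the command line and the array contents feed into the return value, so the write cannot be proven dead. The build commands in the header comment, the file name overflow.c and the function names are assumptions for this example; the flags themselves are standard GCC options.

```c
/* overflow.c (added example; file name assumed)
 *
 * Build and run (assumed invocations):
 *   gcc -O2 -fno-stack-protector overflow.c -o plain  && ./plain 10
 *       -> usually "works", silently clobbering whatever sits above array
 *   gcc -O2 -fstack-protector-all overflow.c -o canary && ./canary 10
 *       -> "*** stack smashing detected ***", as in the question
 *   gcc -O2 -g -fsanitize=address overflow.c -o asan   && ./asan 10
 *       -> AddressSanitizer: stack-buffer-overflow report with a stack trace
 */
#include <stdio.h>
#include <stdlib.h>

#define N 10

/* The unchecked write from the question, with idx supplied at run time.
 * The loop filling array[] and the sum afterwards give the store a use,
 * so -O2 cannot remove it the way it removes the original one-liner. */
int unchecked_store(int idx, int value) {
    int array[N];
    for (int i = 0; i < N; i++)
        array[i] = i;
    array[idx] = value;            /* idx == 10 writes one past the end */
    int sum = 0;
    for (int i = 0; i < N; i++)
        sum += array[i];
    return sum;                    /* 45 with array[idx] replaced by value */
}

/* Hardened variant: reject out-of-range indices before touching the stack.
 * Returns -1 on a bad index, otherwise the same sum as unchecked_store. */
int checked_store(int idx, int value) {
    if (idx < 0 || idx >= N)
        return -1;
    return unchecked_store(idx, value);
}

int main(int argc, char **argv) {
    if (argc != 2) {
        fprintf(stderr, "usage: %s <index>\n", argv[0]);
        return 2;
    }
    int idx = atoi(argv[1]);

    /* The checked path never overruns, whatever the input is. */
    int r = checked_store(idx, 2);
    printf("checked_store(%d) -> %d\n", idx, r);

    /* The unchecked path reproduces the question's bug for idx >= 10.
     * Without a canary or ASan this is silent undefined behaviour. */
    r = unchecked_store(idx, 2);
    printf("unchecked_store(%d) -> %d\n", idx, r);
    return 0;
}
```

Two caveats worth knowing when reproducing this: plain -fstack-protector only instruments functions with character arrays, so an int array like the one here needs -fstack-protector-strong (the distro default on e.g. Ubuntu) or -fstack-protector-all to get a canary; and _FORTIFY_SOURCE only checks calls to libc routines such as memcpy or strcpy with known destination sizes, so a direct array[idx] store is never caught by it. ASan is the only one of the three that reports the exact faulting line.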
