
How to detect if stack smashing protection is enabled in an iOS app

I want to be able to check if stack smashing protection (-fstack-protector-all) is enabled in an iOS app built on Xcode 9 with a target of iOS 11.

I built an app with -fstack-protector-all enabled in "Other C flags", and it does build and run, but how can I verify that stack smashing protection is enabled?

There are lots of older (2013 and earlier) resources out there that mention otool -Iv appName | grep stack_chk, but I ran that on my app binary and stack_chk was nowhere to be found in the output.

Is there a modern equivalent to that command? Is -fstack-protector-all even necessary anymore given the current set of defaults in Xcode?

You could check the generated code yourself. Compile with and without protection, then have a look at the disassembled code (for Xcode you can use: View disassembly in XCode 4 (or Xcode 5 or Xcode 6), or just use your favorite disassembler).

Samples of the generated code in both cases can be found here: https://security.stackexchange.com/questions/158609/how-is-the-stack-protection-enforced-in-a-binary?newreg=af786a3bcdc841e1b92110299a2951af

Last but not least, just try to write a small test of your own which attempts to corrupt the stack. Once you are able to smash the stack, enable the protection flag, rebuild and see if it has any effect. Trivial examples can be found, of course, here: https://en.wikipedia.org/wiki/Stack_buffer_overflow

-fstack-protector-all is a valid option for the llvm compiler used in Xcode, see for example http://lists.llvm.org/pipermail/cfe-dev/2017-April/053662.html . It is just poorly documented, unfortunately.

To verify, you can look at the assembly generated with and without the option, as suggested in the other answer, or just compare the sizes of the generated binaries first.
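Both answers verify the flag by inspecting the compiler's output. A quicker symbol-level check, added here as an example and not part of the question or either answer, relies on the fact that clang's stack-protector instrumentation makes the binary import the canary value ___stack_chk_guard and the failure handler ___stack_chk_fail from libSystem; both therefore appear as undefined symbols in nm -u (and in the indirect symbol table that otool -Iv prints). The function names stack_protector_status and check_binary, and the sample symbol lines used below, are this example's own.

```shell
#!/bin/sh
# Added example: classify a Mach-O binary by whether it references the
# stack-protector runtime. Assumption: an instrumented binary imports both
# ___stack_chk_guard (canary) and ___stack_chk_fail (called on canary mismatch).

# stack_protector_status: reads a symbol listing on stdin, one symbol per line
# (for example the output of `nm -u path/to/App` or `otool -Iv path/to/App`),
# and prints one of:
#   enabled        both ___stack_chk_guard and ___stack_chk_fail are referenced
#   partial        only one of the two is referenced (unusual; inspect by hand)
#   not-detected   neither symbol appears
# The symbol name is always the last field, whatever prefix the tool prints.
stack_protector_status() {
  awk '
    $NF == "___stack_chk_guard" { guard = 1 }
    $NF == "___stack_chk_fail"  { fail = 1 }
    END {
      if (guard && fail)      print "enabled"
      else if (guard || fail) print "partial"
      else                    print "not-detected"
    }'
}

# check_binary PATH: run nm on the Mach-O executable (the file inside the .app
# bundle, not the bundle directory) and classify its undefined symbols.
check_binary() {
  if [ ! -f "$1" ]; then
    echo "no such file: $1" >&2
    return 2
  fi
  nm -u "$1" | stack_protector_status
}

# Terminal usage on macOS:
#   sh check_stack_protector.sh build/Release-iphoneos/MyApp.app/MyApp
if [ -n "${1:-}" ]; then
  check_binary "$1"
fi
```

For a fat binary, pass the slice you care about (nm -u -arch arm64 App | stack_protector_status). Two caveats when reading the result: Apple's clang already enables the basic -fstack-protector by default, which only instruments functions containing character arrays, so "enabled" can appear without -fstack-protector-all; and a flag placed in "Other C flags" affects only C, C++ and Objective-C translation units, so an app whose code is entirely Swift will not gain any ___stack_chk references from it. "not-detected" on a binary you built with the flag usually means you are looking at the wrong file (a stub, a framework, or the bundle directory) rather than at the app executable.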
