summaryrefslogtreecommitdiff
path: root/libc/sysdeps/linux/common/ssp.c
diff options
context:
space:
mode:
authorEric Andersen <andersen@codepoet.org>2004-01-02 23:34:13 +0000
committerEric Andersen <andersen@codepoet.org>2004-01-02 23:34:13 +0000
commitfb84603f8c45fdafdaa750490785fc1b15541386 (patch)
tree257c50f56dfb4d90e775b83a915ae21d9f39bb04 /libc/sysdeps/linux/common/ssp.c
parentcadff3f10e8f20f8db0e2878abf90fb16eba797a (diff)
Peter S. Mazinger writes:
Hello Erik! I have made some cosmetical changes to the files, removed the added SCRT=-fPIC option from building the crt0.S file (but it is a requirement to build them with -fPIC), and changed some comments. I have left the ldso.c patch with PIE_SUPPORT ifdefs, but consider applying it w/o them (see some earlier comment from PaX Team on this issue, as it is considered a bug). To have it work correctly, you'll also need removing COMPLETELY_PIC. One thing is missing: PIE_SUPPORT should be usable only for i386 (for now). Also added the support for propolice protection (that works for me and catches memcpy/strcpy attacks (but needs a special gcc version). Thanks, Peter
Diffstat (limited to 'libc/sysdeps/linux/common/ssp.c')
-rw-r--r--libc/sysdeps/linux/common/ssp.c97
1 files changed, 97 insertions, 0 deletions
diff --git a/libc/sysdeps/linux/common/ssp.c b/libc/sysdeps/linux/common/ssp.c
new file mode 100644
index 000000000..135892c37
--- /dev/null
+++ b/libc/sysdeps/linux/common/ssp.c
@@ -0,0 +1,97 @@
+#include <stdio.h>
+#include <string.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+#ifdef _POSIX_SOURCE
+#include <signal.h>
+#endif
+
+#if defined(HAVE_SYSLOG)
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <sys/syslog.h>
+#ifndef _PATH_LOG
+#define _PATH_LOG "/dev/log"
+#endif
+#endif
+
+long __guard[8] = {0, 0, 0, 0, 0, 0, 0, 0};
+
+void __guard_setup (void)
+{
+ int fd;
+ if (__guard[0]!=0) return;
+ fd = open ("/dev/urandom", 0);
+ if (fd != -1) {
+ ssize_t size = read (fd, (char*)&__guard, sizeof(__guard));
+ close (fd) ;
+ if (size == sizeof(__guard)) return;
+ }
+ /* If a random generator can't be used, the protector switches the guard
+ to the "terminator canary" */
+ ((char*)__guard)[0] = 0; ((char*)__guard)[1] = 0;
+ ((char*)__guard)[2] = '\n'; ((char*)__guard)[3] = 255;
+}
+
+void __stack_smash_handler (char func[], int damaged)
+{
+#if defined (__GNU_LIBRARY__)
+ extern char * __progname;
+#endif
+ const char message[] = ": stack smashing attack in function ";
+ int bufsz = 512, len;
+ char buf[bufsz];
+#if defined(HAVE_SYSLOG)
+ int LogFile;
+ struct sockaddr_un SyslogAddr; /* AF_UNIX address of local logger */
+#endif
+#ifdef _POSIX_SOURCE
+ {
+ sigset_t mask;
+ sigfillset(&mask);
+ sigdelset(&mask, SIGABRT); /* Block all signal handlers */
+ sigprocmask(SIG_BLOCK, &mask, NULL); /* except SIGABRT */
+ }
+#endif
+
+ strcpy(buf, "<2>"); len=3; /* send LOG_CRIT */
+#if defined (__GNU_LIBRARY__)
+ strncat(buf, __progname, bufsz-len-1); len = strlen(buf);
+#endif
+ if (bufsz>len) {strncat(buf, message, bufsz-len-1); len = strlen(buf);}
+ if (bufsz>len) {strncat(buf, func, bufsz-len-1); len = strlen(buf);}
+ /* print error message */
+ write (STDERR_FILENO, buf+3, len-3);
+#if defined(HAVE_SYSLOG)
+ if ((LogFile = socket(AF_UNIX, SOCK_DGRAM, 0)) != -1) {
+
+ /*
+ * Send "found" message to the "/dev/log" path
+ */
+ SyslogAddr.sun_family = AF_UNIX;
+ (void)strncpy(SyslogAddr.sun_path, _PATH_LOG,
+ sizeof(SyslogAddr.sun_path) - 1);
+ SyslogAddr.sun_path[sizeof(SyslogAddr.sun_path) - 1] = '\0';
+ sendto(LogFile, buf, len, 0, (struct sockaddr *)&SyslogAddr,
+ sizeof(SyslogAddr));
+ }
+#endif
+
+#ifdef _POSIX_SOURCE
+ { /* Make sure the default handler is associated with SIGABRT */
+ struct sigaction sa;
+
+ memset(&sa, 0, sizeof(struct sigaction));
+ sigfillset(&sa.sa_mask); /* Block all signals */
+ sa.sa_flags = 0;
+ sa.sa_handler = SIG_DFL;
+ sigaction(SIGABRT, &sa, NULL);
+ (void)kill(getpid(), SIGABRT);
+ }
+#endif
+ _exit(127);
+}
+