Use the illumos libc SSP implementation for -fstack-protector (9.3.0) #39

Open
wants to merge 1 commit into
base: il-9_3_0

@citrus-it citrus-it commented Nov 5, 2020

With this patch applied, and with the compiler configured to output 64-bit objects by default:

% gcc -dumpspecs | grep -A3 link_ssp
*link_ssp:
%{fstack-protector|fstack-protector-all|fstack-protector-strong|fstack-protector-explicit:%{m32:%{fpie|fPIE|fpic|fPIC:-lssp_ns}}}

When configured to output 32-bit objects by default, this looks as follows:
(This is from gcc7 built with the same patch - gcc7 on OmniOS produces 32-bit by default)

*link_ssp:
%{fstack-protector|fstack-protector-all|fstack-protector-strong|fstack-protector-explicit:%{!m64:%{fpie|fPIE|fpic|fPIC:-lssp_ns}}}

Testing so far has been with this small program:

#include <stdio.h>
#include <string.h>

const char* buffer_long = "This is a long long string";

void
stack_overflows_here(void)
{
        char buffer_short[20];

        strcpy(buffer_short, buffer_long);

        printf("Overflow triggered.\n");
}

int
main(void)
{
        printf("Starting ");
#ifdef _LP64
        printf("64-bit ");
#else
        printf("32-bit ");
#endif
#ifdef __pic__
        printf("- PIC: %d ", __pic__);
#endif
#ifdef __pie__
        printf("- PIE: %d ", __pie__);
#endif
        printf("\n");

        stack_overflows_here();

        return 0;
}

and the following test driver script:

#!/bin/ksh

o="-fstack-protector"

function check {
        typeset f="$1"
        echo "*** $f"
        nm $f | grep __stack_chk | cut -d'|' -f3-
        [[ $f = *.o ]] && return
        (./$f) && banner "$f DID NOT CRASH"
}

for b in 32 64; do
        for f in "" pic PIC pie PIE; do
                echo "******"
                echo "****** $b $f"
                echo "******"

                [ -n "$f" ] && fopt="-f$f" || fopt=

                op=overflow-$b-$f
                gcc -m$b $o $fopt -o $op overflow.c
                check $op

                op=overflow-$b-$f.o
                gcc -m$b $o $fopt -o $op -c overflow.c
                check $op

                op=overflow-$b-$f-2stage
                gcc -m$b $o $fopt -o $op overflow-$b-$f.o
                check overflow-$b-$f-2stage

                op=overflow-$b-$f-2stage-nosplink
                gcc -m$b $fopt -o $op overflow-$b-$f.o
                # Expect link failure for 32-bit pic/pie case
                if [ $b != 32 -o -z "$f" ]; then
                        check $op
                else
                        # Test again and link with ssp_ns
                        gcc -m$b $fopt -o $op overflow-$b-$f.o -lssp_ns
                        check $op
                fi

                op=overflow-$b-$f-2stage-ld
                ld -$b -o overflow-$b-$f-2stage-ld overflow-$b-$f.o -lc
                # Expect link failure for 32-bit pic/pie case
                if [ $b != 32 -o -z "$f" ]; then
                        check $op
                else
                        # Test again and link the correct object
                        ld -$b -o overflow-$b-$f-2stage-ld overflow-$b-$f.o \
                            -lc -l ssp_ns
                        check $op
                fi

                echo
        done
        echo
done

which is producing the expected output, showing that the __stack_chk_fail_local symbol only comes into play for 32-bit PIC objects, and that gcc does the right thing when linking those objects.

******
****** 32
******
*** overflow-32-
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
         4|OBJT |GLOB |0    |24     |__stack_chk_guard
./test[23]: check: line 10: 3885: Abort(coredump)
*** overflow-32-.o
         0|NOTY |GLOB |0    |UNDEF  |__stack_chk_fail
         0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard
*** overflow-32--2stage
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
         4|OBJT |GLOB |0    |24     |__stack_chk_guard
./test[31]: check: line 10: 3897: Abort(coredump)
*** overflow-32--2stage-nosplink
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
         4|OBJT |GLOB |0    |24     |__stack_chk_guard
./test[37]: check: line 10: 3904: Abort(coredump)
*** overflow-32--2stage-ld
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
         4|OBJT |GLOB |0    |17     |__stack_chk_guard
./test[48]: check: line 10: 3909: Abort(coredump)

******
****** 32 pic
******
*** overflow-32-pic
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[23]: check: line 10: 3918: Abort(coredump)
*** overflow-32-pic.o
         0|NOTY |GLOB |2    |UNDEF  |__stack_chk_fail_local
         0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard
*** overflow-32-pic-2stage
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[31]: check: line 10: 3930: Abort(coredump)
Undefined                       first referenced
 symbol                             in file
__stack_chk_fail_local              overflow-32-pic.o  (symbol scope specifies local binding)
ld: fatal: symbol referencing errors. No output written to overflow-32-pic-2stage-nosplink
collect2: error: ld returned 1 exit status
*** overflow-32-pic-2stage-nosplink
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[41]: check: line 10: 3940: Abort(coredump)
Undefined                       first referenced
 symbol                             in file
__stack_chk_fail_local              overflow-32-pic.o  (symbol scope specifies local binding)
ld: fatal: symbol referencing errors. No output written to overflow-32-pic-2stage-ld
*** overflow-32-pic-2stage-ld
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |12     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[53]: check: line 10: 3946: Abort(coredump)

******
****** 32 PIC
******
*** overflow-32-PIC
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[23]: check: line 10: 3955: Abort(coredump)
*** overflow-32-PIC.o
         0|NOTY |GLOB |2    |UNDEF  |__stack_chk_fail_local
         0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard
*** overflow-32-PIC-2stage
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[31]: check: line 10: 3967: Abort(coredump)
Undefined                       first referenced
 symbol                             in file
__stack_chk_fail_local              overflow-32-PIC.o  (symbol scope specifies local binding)
ld: fatal: symbol referencing errors. No output written to overflow-32-PIC-2stage-nosplink
collect2: error: ld returned 1 exit status
*** overflow-32-PIC-2stage-nosplink
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[41]: check: line 10: 3977: Abort(coredump)
Undefined                       first referenced
 symbol                             in file
__stack_chk_fail_local              overflow-32-PIC.o  (symbol scope specifies local binding)
ld: fatal: symbol referencing errors. No output written to overflow-32-PIC-2stage-ld
*** overflow-32-PIC-2stage-ld
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |12     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[53]: check: line 10: 3983: Abort(coredump)

******
****** 32 pie
******
*** overflow-32-pie
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[23]: check: line 10: 3992: Abort(coredump)
*** overflow-32-pie.o
         0|NOTY |GLOB |2    |UNDEF  |__stack_chk_fail_local
         0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard
*** overflow-32-pie-2stage
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[31]: check: line 10: 4004: Abort(coredump)
Undefined                       first referenced
 symbol                             in file
__stack_chk_fail_local              overflow-32-pie.o  (symbol scope specifies local binding)
ld: fatal: symbol referencing errors. No output written to overflow-32-pie-2stage-nosplink
collect2: error: ld returned 1 exit status
*** overflow-32-pie-2stage-nosplink
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[41]: check: line 10: 4014: Abort(coredump)
Undefined                       first referenced
 symbol                             in file
__stack_chk_fail_local              overflow-32-pie.o  (symbol scope specifies local binding)
ld: fatal: symbol referencing errors. No output written to overflow-32-pie-2stage-ld
*** overflow-32-pie-2stage-ld
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |12     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[53]: check: line 10: 4020: Abort(coredump)

******
****** 32 PIE
******
*** overflow-32-PIE
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[23]: check: line 10: 4029: Abort(coredump)
*** overflow-32-PIE.o
         0|NOTY |GLOB |2    |UNDEF  |__stack_chk_fail_local
         0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard
*** overflow-32-PIE-2stage
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[31]: check: line 10: 4041: Abort(coredump)
Undefined                       first referenced
 symbol                             in file
__stack_chk_fail_local              overflow-32-PIE.o  (symbol scope specifies local binding)
ld: fatal: symbol referencing errors. No output written to overflow-32-PIE-2stage-nosplink
collect2: error: ld returned 1 exit status
*** overflow-32-PIE-2stage-nosplink
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |13     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[41]: check: line 10: 4051: Abort(coredump)
Undefined                       first referenced
 symbol                             in file
__stack_chk_fail_local              overflow-32-PIE.o  (symbol scope specifies local binding)
ld: fatal: symbol referencing errors. No output written to overflow-32-PIE-2stage-ld
*** overflow-32-PIE-2stage-ld
         0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
        29|FUNC |LOCL |2    |12     |__stack_chk_fail_local
         0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[53]: check: line 10: 4057: Abort(coredump)


******
****** 64
******
*** overflow-64-
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   8|OBJT |GLOB |0    |24     |__stack_chk_guard
./test[23]: check: line 10: 4066: Abort(coredump)
*** overflow-64-.o
                   0|NOTY |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard
*** overflow-64--2stage
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   8|OBJT |GLOB |0    |24     |__stack_chk_guard
./test[31]: check: line 10: 4078: Abort(coredump)
*** overflow-64--2stage-nosplink
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   8|OBJT |GLOB |0    |24     |__stack_chk_guard
./test[37]: check: line 10: 4085: Abort(coredump)
*** overflow-64--2stage-ld
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   8|OBJT |GLOB |0    |19     |__stack_chk_guard
./test[48]: check: line 10: 4090: Abort(coredump)

******
****** 64 pic
******
*** overflow-64-pic
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[23]: check: line 10: 4099: Abort(coredump)
*** overflow-64-pic.o
                   0|NOTY |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard
*** overflow-64-pic-2stage
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[31]: check: line 10: 4111: Abort(coredump)
*** overflow-64-pic-2stage-nosplink
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[37]: check: line 10: 4118: Abort(coredump)
*** overflow-64-pic-2stage-ld
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[48]: check: line 10: 4123: Abort(coredump)

******
****** 64 PIC
******
*** overflow-64-PIC
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[23]: check: line 10: 4132: Abort(coredump)
*** overflow-64-PIC.o
                   0|NOTY |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard
*** overflow-64-PIC-2stage
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[31]: check: line 10: 4144: Abort(coredump)
*** overflow-64-PIC-2stage-nosplink
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[37]: check: line 10: 4151: Abort(coredump)
*** overflow-64-PIC-2stage-ld
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[48]: check: line 10: 4156: Abort(coredump)

******
****** 64 pie
******
*** overflow-64-pie
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[23]: check: line 10: 4165: Abort(coredump)
*** overflow-64-pie.o
                   0|NOTY |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard
*** overflow-64-pie-2stage
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[31]: check: line 10: 4177: Abort(coredump)
*** overflow-64-pie-2stage-nosplink
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[37]: check: line 10: 4184: Abort(coredump)
*** overflow-64-pie-2stage-ld
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[48]: check: line 10: 4189: Abort(coredump)

******
****** 64 PIE
******
*** overflow-64-PIE
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[23]: check: line 10: 4198: Abort(coredump)
*** overflow-64-PIE.o
                   0|NOTY |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard
*** overflow-64-PIE-2stage
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[31]: check: line 10: 4210: Abort(coredump)
*** overflow-64-PIE-2stage-nosplink
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[37]: check: line 10: 4217: Abort(coredump)
*** overflow-64-PIE-2stage-ld
                   0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail
                   0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard
./test[48]: check: line 10: 4222: Abort(coredump)

@citrus-it changed the title from "Use the illumos libc SSP implementation for -fstack-protector" to "Use the illumos libc SSP implementation for -fstack-protector (9.3.0)" on Jan 12, 2021
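
A link-time check built on the symbol tables in the comment above, as an added example that is not part of the pull request: it classifies `nm` output so a build can tell whether an object is stack-protected and whether it still needs `-lssp_ns`. The function and sample names are hypothetical, and the column layout is assumed to match the pipe-separated `nm` output shown above.

```shell
#!/bin/sh
# classify_ssp: read illumos nm output (pipe-separated columns) on stdin and
# print one of:
#   no-ssp        no __stack_chk_* symbols
#   ssp           only __stack_chk_fail / __stack_chk_guard are referenced
#   needs-ssp_ns  __stack_chk_fail_local is UNDEF, so the link needs -lssp_ns
#   ssp-local     __stack_chk_fail_local is defined (already linked in)
classify_ssp() {
        awk -F'|' '
        NF < 2 { next }         # skip headers and blank lines
        {
                # Last column: symbol name. Second to last: section index,
                # or UNDEF for an unresolved reference.
                name = $NF; shndx = $(NF - 1)
                gsub(/[ \t]/, "", name); gsub(/[ \t]/, "", shndx)
        }
        name == "__stack_chk_fail" || name == "__stack_chk_guard" { ssp = 1 }
        name == "__stack_chk_fail_local" {
                if (shndx == "UNDEF") undef_local = 1; else def_local = 1
        }
        END {
                if (undef_local) print "needs-ssp_ns"
                else if (def_local) print "ssp-local"
                else if (ssp) print "ssp"
                else print "no-ssp"
        }'
}

# Sample input: symbol lines copied from the test output in the comment above.
sample_32_pic_obj() {   # overflow-32-pic.o
        printf '%s\n' '0|NOTY |GLOB |2    |UNDEF  |__stack_chk_fail_local' \
            '0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard'
}
sample_32_pic_exe() {   # overflow-32-pic
        printf '%s\n' '0|FUNC |GLOB |0    |UNDEF  |__stack_chk_fail' \
            '29|FUNC |LOCL |2    |13     |__stack_chk_fail_local' \
            '0|OBJT |GLOB |0    |UNDEF  |__stack_chk_guard'
}
sample_64_pic_obj() {   # overflow-64-pic.o
        printf '%s\n' '0|NOTY |GLOB |0    |UNDEF  |__stack_chk_fail' \
            '0|NOTY |GLOB |0    |UNDEF  |__stack_chk_guard'
}

for s in sample_32_pic_obj sample_32_pic_exe sample_64_pic_obj; do
        printf '%s: %s\n' "$s" "$($s | classify_ssp)"
done
```

Against a real object the call is `nm overflow-32-pic.o | classify_ssp`; a `no-ssp` result on a file that was meant to be built with `-fstack-protector` is the case worth failing a build on.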
@rmustacc

Do we have test suite results for this?
