
Using the size_overflow plugin on userland programs?

Posted: Thu Jul 11, 2013 6:05 am
by GBit
I didn't want to post on that blog page, as it seemed like the dev is using it for updates. Not sure where to post this.

Is there a method for using the size_overflow plugin on userland applications that we compile yet? If so, is there a guide for this?

Re: Using the size_overflow plugin on userland programs?

Posted: Thu Jul 11, 2013 9:35 am
by ephox
Hi,

Yes, it is possible to use it on userland applications. Which applications would you like to compile with the size_overflow plugin?
It supports programs written in C. There is a test userland project (openssl):
http://grsecurity.net/~ephox/overflow_p ... d_patches/
or in my gentoo overlay:
http://grsecurity.net/~ephox/overflow_plugin/gentoo/
I've been using it myself for some months already without problems.

If you would like other applications, you should generate a hash table for the size_overflow plugin and you must put the report_size_overflow() function definition into the application.
Something like this:
http://grsecurity.net/~ephox/overflow_p ... .0.1.patch

You must mark the base functions where you want to check for size overflow with the size_overflow attribute (__attribute__((size_overflow(1)))). These functions are e.g. malloc(), strncpy(). Or you can put them into the hash table as I did for openssl. When that is done, the plugin prints out the function name that ends up calling malloc and is missing from the hash table.
This is the message:
"Function %s is missing from the size_overflow hash table +%s+%u+%u+" (caller's name, parameter's number, hash)
You must put them into the hash table, here is a hash table generator script:
http://grsecurity.net/~ephox/overflow_p ... ow_hash.sh
It generates the hash table from this format:
http://grsecurity.net/~ephox/overflow_p ... _hash.data

You should compile the application again until there is no "missing" message.

You can read more about my plugin here:
viewtopic.php?f=7&t=3043

If you are done please send me the hash tables and the patches for the applications.
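
The rebuild loop described in the post above (compile, collect the "missing" messages, add them to the hash table, repeat until none remain), as an added example that is not part of the original post or the plugin's own tooling. Only the message text comes from the post; the log line prefixes, function names and hash values are constructed, and the output is the raw fields, not the hash table input format.

```shell
#!/bin/sh
# Added example: gather the plugin's "missing" notes from a saved build log.
# Only the message text comes from the post; everything else is constructed.

# Constructed build output (hypothetical file names, functions and hashes).
sample_log() {
cat <<'EOF'
gcc -c src/buf.c -o src/buf.o
src/buf.c:41:7: note: Function app_alloc_buf is missing from the size_overflow hash table +app_alloc_buf+2+40127+
src/str.c:18:9: note: Function app_dup_string is missing from the size_overflow hash table +app_dup_string+1+5831+
src/buf.c:41:7: note: Function app_alloc_buf is missing from the size_overflow hash table +app_alloc_buf+2+40127+
src/str.c:30:3: warning: unused variable 'n'
EOF
}

# Print one "name param hash" line per distinct +name+param+hash+ token.
# The same function is usually reported once per call site, hence sort -u.
missing_entries() {
    grep -F 'is missing from the size_overflow hash table' "$1" |
    sed -n -E 's/.*\+([A-Za-z_][A-Za-z0-9_.$]*)\+([0-9]+)\+([0-9]+)\+.*/\1 \2 \3/p' |
    LC_ALL=C sort -u
}

# Number of distinct entries still absent from the hash table.
missing_count() {
    missing_entries "$1" | wc -l | tr -d ' '
}

# Succeeds only when the build log contains no "missing" message at all,
# which is the stop condition for the recompile loop.
hash_table_complete() {
    [ "$(missing_count "$1")" -eq 0 ]
}

# Demo on the constructed log.
log=$(mktemp)
sample_log > "$log"
missing_entries "$log"
hash_table_complete "$log" ||
    echo "$(missing_count "$log") entries to add to the hash table, then rebuild"
rm -f "$log"
```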

Re: Using the size_overflow plugin on userland programs?

Posted: Thu Jul 11, 2013 3:48 pm
by GBit
Wow, great, thank you. It may be a bit beyond me, but I'm going to try with a few test programs and then some mainstream ones. I'll absolutely send you the info if/when I finish.