Using the size_overflow plugin on userland programs?

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

Using the size_overflow plugin on userland programs?

Postby GBit » Thu Jul 11, 2013 6:05 am

I didn't want to post on that blog page, as it seemed like the dev is using it for updates. Not sure where to post this.

Is there a method for using the size_overflow plugin on userland applications that we compile yet? If so, is there a guide for this?
GBit
 
Posts: 81
Joined: Mon Jun 04, 2012 3:31 pm

Re: Using the size_overflow plugin on userland programs?

Postby ephox » Thu Jul 11, 2013 9:35 am

Hi,

Yes, it is possible to use it on userland applications. Which applications would you like to compile with the size_overflow plugin?
It supports programs written in C. There is a test userland project (openssl):
http://grsecurity.net/~ephox/overflow_p ... d_patches/
or in my gentoo overlay:
http://grsecurity.net/~ephox/overflow_plugin/gentoo/
I've been using it myself for some months already without problems.

If you would like other applications you should generate a hash table for the size_overflow plugin and you must put the report_size_overflow() function definition into the application.
Something like that:
http://grsecurity.net/~ephox/overflow_p ... .0.1.patch

You must mark with the size_overflow attribute (__attribute__((size_overflow(1)))) the base functions where you want to check the size overflow. These functions are e.g., malloc(), strncpy(). Or you can put them into the
hash table as I did it for openssl. When it is done the plugin prints out the function name that ends up calling malloc and is missing from the hash table.
This is the message:
"Function %s is missing from the size_overflow hash table +%s+%u+%u+" (caller's name, parameter's number, hash)"
You must put them into the hash table, here is a hash table generator script:
http://grsecurity.net/~ephox/overflow_p ... ow_hash.sh
It generates the hash table from this format:
http://grsecurity.net/~ephox/overflow_p ... _hash.data

You should compile the application again until there is no "missing" message.

You can read more about my plugin here:
viewtopic.php?f=7&t=3043

If you are done please send me the hash tables and the patches for the applications.
ephox
 
Posts: 134
Joined: Tue Mar 20, 2012 4:36 pm

Re: Using the size_overflow plugin on userland programs?

Postby GBit » Thu Jul 11, 2013 3:48 pm

Wow, great thank you. It may be a bit beyond me, but I'm going to try with a few test programs and then some mainstream ones. I'll absolutely send you the info if/when I finish.
GBit
 
Posts: 81
Joined: Mon Jun 04, 2012 3:31 pm


Return to grsecurity support