What versions of GCC or flags should be used when examining buffer overflows?

Recently, I have been studying buffer overflows as a bachelor's student in computer science. Just out of interest, I started studying buffer overflows, but got stuck trying to implement them in my own programs on my computer, compiled with GCC 4.9.1 (on Debian Jessie).

I heard that new compilers have some kind of protection, so I think my problem is that my version of the compiler is too new. Either this, or I am not compiling with the correct flags (none).

So, are there any good versions of GCC for me to use when examining buffer overflows? Or should I use a specific flag to disable stack protection and canaries?

Thank you for your time.

3 answers

Use -zexecstack -fno-stack-protector with gcc to disable stack-frame protection and the non-executable stack.

On your Linux system, you also need to disable address randomization (ASLR) using:

 echo 0 > /proc/sys/kernel/randomize_va_space
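The flags and the sysctl in this answer each switch off one mitigation, and it is easy to lose track of which ones a given build actually has. The following script is an added example (not part of the original answer): it reports, for an ELF binary and the running kernel, whether the stack canary, the non-executable stack and ASLR are in effect. The helper names (canary_status, stack_exec_status, aslr_status) are my own; readelf, nm and /proc/sys/kernel/randomize_va_space are the standard Debian tools and interface. Usage: sh mitigations.sh ./vuln

```shell
#!/bin/sh
# Added example: check which of the mitigations discussed above are active.

# Stack canary (-fstack-protector): a protected binary imports __stack_chk_fail
# from libc, so it appears in the dynamic symbol table even when stripped.
# Reads `nm -D <binary>` output on stdin; prints "canary" or "no-canary".
canary_status() {
    if grep -q '__stack_chk_fail'; then echo canary; else echo no-canary; fi
}

# Executable stack (-z execstack): the PT_GNU_STACK program header's flags
# field contains E. Reads `readelf -lW <binary>` output on stdin and
# prints "execstack" or "noexecstack". Field 7 is the flags column (RW/RWE).
stack_exec_status() {
    flags=$(awk '$1 == "GNU_STACK" { print $7 }')
    case "$flags" in
        *E*) echo execstack ;;
        *)   echo noexecstack ;;
    esac
}

# ASLR: interprets the value of /proc/sys/kernel/randomize_va_space.
aslr_status() {
    case "$1" in
        0) echo "ASLR off" ;;
        1) echo "ASLR on (conservative: stack, mmap base, vdso)" ;;
        2) echo "ASLR on (full: also randomizes the brk heap base)" ;;
        *) echo "unknown randomize_va_space value: $1" ;;
    esac
}

# Only run the checks when a binary path is given on the command line.
if [ -n "${1:-}" ]; then
    bin=$1
    echo "$bin: $(nm -D "$bin" 2>/dev/null | canary_status)"
    echo "$bin: $(readelf -lW "$bin" | stack_exec_status)"
    echo "kernel: $(aslr_status "$(cat /proc/sys/kernel/randomize_va_space)")"
fi
```

A binary built with -fno-stack-protector -zexecstack should report no-canary and execstack; a default Debian build reports canary and noexecstack.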

Use the -fno-stack-protector option in gcc to disable stack-smashing protection.


Recent versions of GCC (>= 4.8) include AddressSanitizer, enabled with the -fsanitize=address option. From the 4.8 release notes:

AddressSanitizer, a fast memory error detector, has been added and can be enabled via -fsanitize=address. Memory access instructions will be instrumented to detect heap-, stack-, and global-buffer overflow as well as use-after-free bugs. To get nicer stack traces, use -fno-omit-frame-pointer. AddressSanitizer is available on IA-32/x86-64/x32/PowerPC/PowerPC64 GNU/Linux and on x86-64 Darwin.

GCC 4.9 added support for it on ARM.


Source: https://habr.com/ru/post/1204213/
