r1167 - in trunk/BOOK: appendix chapter01 chapter05

robert at linuxfromscratch.org robert at linuxfromscratch.org
Sat Jun 16 12:46:14 PDT 2007


Author: robert
Date: 2007-06-16 13:46:14 -0600 (Sat, 16 Jun 2007)
New Revision: 1167

Modified:
   trunk/BOOK/appendix/acknowledgments.xml
   trunk/BOOK/chapter01/changelog.xml
   trunk/BOOK/chapter05/cocoon-toolchain.xml
Log:
Run a legitimate regression in Cocoon to verify SSP, _FORTIFY_SOURCE, and -pie are working. Acknowledge NetBSD for the SSP and _FORTIFY_SOURCE regression tests.

Modified: trunk/BOOK/appendix/acknowledgments.xml
===================================================================
--- trunk/BOOK/appendix/acknowledgments.xml	2007-06-16 16:54:40 UTC (rev 1166)
+++ trunk/BOOK/appendix/acknowledgments.xml	2007-06-16 19:46:14 UTC (rev 1167)
@@ -104,6 +104,11 @@
       patches.</para>
     </listitem>
 
+    <listitem>
+      <para><ulink url="http://www.netbsd.org/">The NetBSD project</ulink> for
+      SSP and _FORTIFY_SOURCE regression tests.</para>
+    </listitem>
+
   </itemizedlist>
 
 </appendix>

Modified: trunk/BOOK/chapter01/changelog.xml
===================================================================
--- trunk/BOOK/chapter01/changelog.xml	2007-06-16 16:54:40 UTC (rev 1166)
+++ trunk/BOOK/chapter01/changelog.xml	2007-06-16 19:46:14 UTC (rev 1167)
@@ -52,6 +52,11 @@
       <para>June 16th, 2007</para>
       <itemizedlist>
         <listitem>
+          <para>[robert]: Run a legitimate regression in Cocoon to verify
+          SSP, _FORTIFY_SOURCE, and -pie are working. Acknowledge NetBSD for
+          the SSP and _FORTIFY_SOURCE regression tests.</para>
+        </listitem>
+        <listitem>
           <para>[robert]: Symlink GCC's include/ssp/*.h to ../, so that GCC
           will find and use them automatically with _FORTIFY_SOURCE, for
           uClibc.</para>
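Review bot: "Run a legitimate regression" in the new changelog entry reads as though a regression is being introduced. "Run a regression test" would match the "regression tests" wording at the end of the same entry.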

Modified: trunk/BOOK/chapter05/cocoon-toolchain.xml
===================================================================
--- trunk/BOOK/chapter05/cocoon-toolchain.xml	2007-06-16 16:54:40 UTC (rev 1166)
+++ trunk/BOOK/chapter05/cocoon-toolchain.xml	2007-06-16 19:46:14 UTC (rev 1167)
@@ -353,21 +353,55 @@
 <!-- Note: check how Glibc avoids this linker warning. -->
 
     <important>
-      <para>Confirm the new compiler is defining PIC, SSP, FORTIFY_SOURCE,
-      and OPTIMIZE:</para>
+      <para>Confirm the new compiler is working as expected. This program
+      is a perfect example of a very bad thing. It allows user input to
+      go directly to the <function>strcat</function> function without
+      checking the size of the source or destination buffer.
+      _FORTIFY_SOURCE checking will detect this overflow before SSP, because
+      they work in completely different ways:</para>
 
-<screen><userinput>echo | cc -dM -E - | grep -E 'PIC|SSP|FORTIFY|OPTIMIZE'</userinput></screen>
+<screen><userinput>cat > strcat-overflow.c << "EOF"
+#include <stdio.h>
+#include <string.h>
+int
+main(int argc, char *argv[])
+{
+        char b[10];
+        (void)strcpy(b, "1");
+        (void)strcat(b, argv[1]);
+        (void)printf("%s\n", b);
+        return 0;
+}
+EOF
+gcc -o strcat-overflow strcat-overflow.c
+./strcat-overflow 0123456
+./strcat-overflow 012345678
+gcc -o strcat-overflow-ssp strcat-overflow.c \
+    -U_FORTIFY_SOURCE
+./strcat-overflow-ssp abcdefg
+./strcat-overflow-ssp abcdefghi
+readelf -ld strcat-overflow | \
+    grep -E 'Shared object|TEXTREL'</userinput></screen>
 
-      <para>This should return:</para>
+      <para>This should display:</para>
 
-<screen><computeroutput>#define __OPTIMIZE__ 1
-#define _FORTIFY_SOURCE 2
-#define __SSP_ALL__ 2
-#define __PIC__ 1</computeroutput></screen>
+<screen><computeroutput>$ ./strcat 0123456
+10123456
+$ ./strcat-overflow 012345678
+*** buffer overflow detected ***: ./strcat-overflow terminated
+Aborted
+$ ./strcat-overflow-ssp abcdefg
+1abcdefg
+$ ./strcat-overflow-ssp abcdefghi
+1abcdefghi
+*** stack smashing detected ***: ./strcat-overflow-ssp terminated
+$ readelf -ld strcat-overflow | \
+    grep -E 'Shared object|TEXTREL'
+Elf file type is DYN (Shared object file)</computeroutput></screen>
 
-      <para>Otherwise something went wrong and you should verify libc was installed
-      to <filename class="directory">/tools/lib</filename>, and reinstall it and this
-      toolchain.</para>
+      <para>If there are any segementation faults, or TEXTREL is displayed,
+      then something is not working correctly, and you should verify the
+      installation.</para>
     </important>
 
     <para>Next, prepare the linker for the <quote>Re-adjusting</quote> phase
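Review bot: The expected output in the second <screen> opens with "$ ./strcat 0123456", but the command the reader is told to run is "./strcat-overflow 0123456", so the transcript should use the same binary name. In the first <screen>, "#include <stdio.h>", "#include <string.h>" and the here-document operator in "cat > strcat-overflow.c << "EOF"" contain literal "<" characters; these need to be written as "&lt;" (or the block wrapped in CDATA) for the XML to stay well-formed. The test program passes argv[1] to strcat without checking argc, so a reader who runs it with no argument gets a segmentation fault, which the closing paragraph says to treat as a broken toolchain; an argc guard in main would avoid that false alarm. Both failing inputs (nine characters appended to "1" in b[10]) overrun the buffer by only the terminating NUL byte. The _FORTIFY_SOURCE check catches that exactly, but whether SSP notices a one-byte overrun depends on where the canary sits relative to b, so a longer argument for the strcat-overflow-ssp case would make that check less fragile. The first gcc line also relies on the toolchain enabling optimization and _FORTIFY_SOURCE by default, which the removed "cc -dM -E" check used to show explicitly; a sentence saying so would help readers interpret a failure. Typo in the last paragraph: "segementation" should be "segmentation".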



