propolice and syslog-ng

Robert Connolly robert at linuxfromscratch.org
Mon Oct 18 14:38:20 PDT 2004


I honestly don't know the difference between an unsigned long and an array. I 
have two examples from Etoh of how to code the __guard function and both use 
arrays.

On October 6, 2004 11:22 pm, The Big Oak Tree wrote:
> On Thu, 2004-09-30 at 08:37, Robert Connolly wrote:
> > And another idea (the time)..
> >
> >         if (i < sizeof(__guard) / 4) {
> >                 int fd;
> >                 size_t size;
> >                 /* Sysctl Erandom doesn't work? Try /dev/urandom */
> >                 fd = open ("/dev/urandom", O_RDONLY);
> >                 if (fd != -1) {
> >                         size = read (fd, (char*)&__guard, sizeof(__guard));
> >                         close (fd);
> >                         if (size == sizeof(__guard))
> >                                 return;
> >                 } else {
> >
> >                         /* If above was unsuccessful, use the time. */
> >                         struct timeval tv;
> >                         gettimeofday (&tv, NULL);
> >                         ((unsigned char *)__guard)[0] = tv.tv_usec;
> >                         ((unsigned char *)__guard)[1] = tv.tv_sec;
> >                         ((unsigned char *)__guard)[2] = '\n';
> >                         ((unsigned char *)__guard)[3] = 255;
> >                 }
> >         }
> >
> > Is there a better way to do this maybe? I don't see any point in filling
> > all the elements with the same timestamp. tv_usec and tv_sec give
> > different values though. Together they change the last 3 characters of
> > __guard, giving a few thousand possible combinations. It's better than
> > just using the terminator canary. Are there any conditions where
> > gettimeofday() will block, hang, or not be available?
>
> gettimeofday() is known to behave in ssp.c on the following arches
> sparc32/sparc64/ia32/x86_64/ppc/ppc64/arm/mips/mips64
>
> Consider the following method as it gains your offsets to the __guard a
> few more bits of pseudo randomization than the method above.
>
> #include <stdio.h>
> #include <sys/time.h>
> unsigned long __guard = 0UL;
> int main()
> {
>    struct timeval tv;
>    __guard = 0xFF0A0D00UL;
>    /* __guard is unsigned long, so print it with %lx */
>    printf("static canary: 0x%lx\n", __guard);
>    gettimeofday(&tv, NULL);
>    __guard ^= tv.tv_usec ^ tv.tv_sec;
>    printf("xor canary: 0x%lx\n", __guard);
>    return 0;
> }
>
> /* we add this function here just in case I'm tested and somebody
> forgets to -fno-fstack-me */
> void __stack_smash_handler(char func[], int damaged)
> {
>    printf("func=%s damaged=%d\n", func, damaged);
> }
>
> Unless I'm doing my math wrong this method should yield 4294967295
> unique combinations, but for the most part it's probably safer to assume
> only 16777215 combinations.
>
> --
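
An added example, not code from this thread or from propolice: a guard setup that retries short reads from the random device and falls back to the terminator-canary XOR time value whenever the read does not complete. The names `demo_guard`, `read_full`, `demo_guard_setup` and `demo_guard_value` are hypothetical, and the device path is a parameter so the fallback can be exercised.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <sys/time.h>
#include <unistd.h>

/* Hypothetical stand-in for the thread's __guard (not the real symbol). */
static unsigned long demo_guard;

/* Read exactly len bytes, retrying on EINTR and short reads. 0 = success. */
static int read_full(int fd, unsigned char *buf, size_t len)
{
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0)
            got += (size_t)n;
        else if (n == 0 || errno != EINTR)
            return -1;              /* EOF or hard error */
    }
    return 0;
}

/* Returns 1 if the guard came from the random device, 0 if from the clock. */
int demo_guard_setup(const char *path)
{
    struct timeval tv;
    int fd = open(path, O_RDONLY);
    if (fd != -1) {
        int rc = read_full(fd, (unsigned char *)&demo_guard, sizeof demo_guard);
        close(fd);
        if (rc == 0)
            return 1;
    }
    /* Reached on open failure and on an incomplete read alike.
       Clock values are predictable, so this is a last resort only. */
    demo_guard = 0xFF0A0D00UL;      /* terminator canary from the thread */
    gettimeofday(&tv, NULL);
    demo_guard ^= (unsigned long)tv.tv_usec ^ (unsigned long)tv.tv_sec;
    return 0;
}

unsigned long demo_guard_value(void) { return demo_guard; }
```
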


