Date: Fri, 17 Nov 2000 15:45:51 -0800
From: Kris Kennaway
To: KOJIMA Hajime
Cc: security@FreeBSD.ORG
Subject: Base system gcc patch (Re: FYI: Propolice for gcc-2.95.2)
Message-ID: <20001117154551.A77867@citusc17.usc.edu>

This was trivial to get working on FreeBSD, but here is a patch against
the system gcc in 4.x which will compile a ProPolice-enabled version, so
FreeBSD users can start easily making use of this. The patch is the same
for 5.x users except you will need to replace "contrib/gcc" with
"contrib/gcc.295" in the diff.

http://www.freebsd.org/~kris/protector.patch

Once you have done a buildworld and installed the new compiler, you can
start playing with adding "-fstack-protector" into CFLAGS and e.g. build
a new world. I haven't actually tested the results of this yet, so don't
do that on your production systems yet ;-)

It does seem to work, however:

mollari# /tmp/smash AAAAAAAAAAAAAAAAAAAAAAAAAA
main: stack smashing attack?
Segmentation fault (core dumped)

(gdb) bt
#0  0x8048726 in __stack_smash_handler ()
#1  0x8048665 in main ()
#2  0x41414141 in ?? ()
Cannot access memory at address 0x41414141.

:-)

The one suggestion I have at this stage is to make _stack_smash_handler
syslog() the error so there is a system record of the potential
attack. There may be a reason that isn't feasible, however.

Nice work!

Kris

On Thu, Nov 16, 2000 at 11:52:38AM +0900, KOJIMA Hajime wrote:
> FYI: "Propolice", GCC extension for protecting applications from
> stack-smashing attacks, for gcc-2.95.2 is now available.
>
>
> ----
> KOJIMA Hajime - Ryukoku University, Seta, Ootsu, Shiga, 520-2194 Japan
> [Office] kjm@rins.ryukoku.ac.jp, http://www.st.ryukoku.ac.jp/~kjm/
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
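
A small model of the guard check that a stack protector performs, with the handler writing to syslog as suggested in the message above. This is an added example, not code from the patch or from ProPolice; the struct layout, the guard value and the names guarded_copy and smash_handler are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>
#include <syslog.h>

/* Model of a protected frame: the guard sits directly after the local
 * buffer, so an overrun of buf reaches the guard first. */
struct frame {
    char      buf[16];
    uintptr_t guard;
};

/* Constructed sample value; a real guard is chosen at program start. */
static const uintptr_t GUARD_VALUE = 0x000aff0dUL;

static int smash_events;   /* detections so far, observable by callers */

/* Hypothetical handler: leaves a system record of the event.
 * A real handler would terminate the process here; the model returns
 * so that the result can be checked. */
static void smash_handler(const char *func)
{
    smash_events++;
    syslog(LOG_CRIT, "stack smashing attack? in function %s", func);
}

/* Copy len bytes of input into the modelled frame without checking the
 * length against buf, then verify the guard as a function epilogue would.
 * Returns 0 if the guard is intact, -1 if it was overwritten. */
int guarded_copy(const char *input, size_t len)
{
    struct frame f;

    memset(&f, 0, sizeof f);
    f.guard = GUARD_VALUE;                 /* prologue: store the guard  */
    if (len > sizeof f)
        len = sizeof f;                    /* keep the model itself defined */
    memcpy(&f, input, len);                /* copy that ignores sizeof buf */
    if (f.guard != GUARD_VALUE) {          /* epilogue: compare the guard */
        smash_handler(__func__);
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed input: 26 'A' bytes, longer than the 16-byte buffer. */
    const char sample[] = "AAAAAAAAAAAAAAAAAAAAAAAAAA";

    openlog("smash-model", LOG_PID, LOG_AUTH);
    return guarded_copy(sample, sizeof sample - 1) == -1 ? 0 : 1;
}
```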