
How to turn off Glibc run-time protections?

I am trying to learn about code vulnerabilities, and am testing some simple programs I wrote. However, Glibc catches many of the issues during runtime (e.g. Stack-Smashing, Double Free, etc.). Thus I would like to be able to run my programs without Glibc's runtime detection errors. Is there a way to turn off Glibc's detection? (like with a compiler flag, etc).

I saw in a previous link it is described how to turn off ASLR and Canaries, but this is not what I'd like to do, since it still stops errors like a Double Free and some other heap errors I want to try out (http://stackoverflow.com/questions/2340259/how-to-turn-off-gcc-compiler-optimization-to-enable-buffer-overflow).

I also know you can turn off compile-time warnings with the -w flags but that doesn't seem to be what I want either. I've tried reading over the GCC flags and looking up information about Glibc, but I haven't gotten anywhere yet. Thus I would greatly appreciate any help. Thanks.

Billy asked Jul 19 '11 16:07




1 Answer

Check the man page for malloc(3) for usage of the MALLOC_CHECK_ environment variable. Using this, you can turn off 'aborts' for those double free errors and whatnot to play with things.

man malloc

So if your program was called 'badfree', you can either set MALLOC_CHECK_ (note trailing underscore) with an export command, or just set it every execution of badfree.

export MALLOC_CHECK_=0
./badfree

--or--

MALLOC_CHECK_=0 ./badfree

Just remember if you use the first method, it's set for ANY program you run in that shell.

Settings for MALLOC_CHECK_ from the malloc(3) man page are:

MALLOC_CHECK_ =
 0  Silently ignore any issues
 1  Send error message to stderr
 2  abort() is called immediately, killing your program.
 3  Do both '1' and '2' (MALLOC_CHECK_ is a bitfield)
lornix answered Sep 28 '22 07:09
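
Added example, not part of lornix's answer: a shell wrapper that keeps MALLOC_CHECK_ scoped to a single test command (the per-command form above, so nothing else run from the shell inherits it) and decodes the bitfield values the answer lists. The function names are hypothetical, and only the values 0-3 from the answer are accepted.

```shell
# Added example; function names are hypothetical, not from glibc or the answer.

# Decode a MALLOC_CHECK_ value using the bit meanings listed in the answer:
# bit 0 (value 1) = message on stderr, bit 1 (value 2) = abort().
describe_malloc_check() {
    case "$1" in
        ''|*[!0-9]*) echo "invalid"; return 1 ;;
    esac
    if [ "$1" -gt 3 ]; then
        echo "invalid"
        return 1
    fi
    local msg=no abrt=no
    if [ $(( $1 & 1 )) -ne 0 ]; then msg=yes; fi
    if [ $(( $1 & 2 )) -ne 0 ]; then abrt=yes; fi
    echo "message=$msg abort=$abrt"
}

# Run one command with MALLOC_CHECK_ set for that command only, so the
# setting never persists in the calling shell (the answer's export caveat).
run_with_malloc_check() {
    local level=$1
    shift
    describe_malloc_check "$level" >/dev/null || {
        echo "MALLOC_CHECK_ must be 0-3, got '$level'" >&2
        return 2
    }
    env MALLOC_CHECK_="$level" "$@"
}

# Succeeds if this shell exports MALLOC_CHECK_, i.e. every program started
# from it would inherit the setting.
malloc_check_exported() {
    env | grep -q '^MALLOC_CHECK_='
}

# Constructed demo: the child sees the value, the calling shell is unchanged.
run_with_malloc_check 3 sh -c 'echo "child sees MALLOC_CHECK_=$MALLOC_CHECK_"'
if malloc_check_exported; then
    echo "MALLOC_CHECK_ is exported: every program run from this shell inherits it"
else
    echo "MALLOC_CHECK_ is not exported in this shell"
fi
```

On glibc 2.34 and later, MALLOC_CHECK_ only takes effect when libc_malloc_debug.so is preloaded, so the variable alone may change nothing on a current distribution.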