Which versions of GCC, or flags, should I use when studying buffer overflows?

Recently, I've been studying buffer overflows as an undergraduate student in Computer Engineering. Simply out of interest, I began researching and studying buffer overflows, but have gotten stuck when attempting to implement them in my own C programs on my computer, compiled with GCC 4.9.1 (in Debian Jessie).

I've heard that there are sorts of stack overflow protection in newer compilers, so I'm thinking that my issue is that my compiler version is too new. Either that, or I'm not compiling with the correct flags (none).

So are there good versions of GCC for me to obtain to test buffer overflows? Or should I use a particular flag to prevent stack protection and canaries?

Thank you for your time.

Macslayer Avatar asked Oct 07 '14 21:10

Macslayer

1 Answer

Use -zexecstack -fno-stack-protector to disable stack frame protection and non-executable stack with gcc.

On your Linux system, you also have to disable address randomization (ASLR) using:

echo 0 > /proc/sys/kernel/randomize_va_space
ouah Avatar answered Sep 28 '22 01:09

ouah
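The answer names three protections: stack canaries (-fstack-protector), a non-executable stack (-z execstack / noexecstack) and kernel ASLR (randomize_va_space). A practical way to confirm which of them a given build actually has, rather than trusting the flags you think you passed, is to read them back out of the ELF file. The script below is an added example written for this page, not code from the answer or from GCC; it audits a binary with readelf, reports the current ASLR setting without changing it, and, when gcc and readelf are present, compiles one harmless test program both as the "lab" build the answer describes and as a hardened build so the two audits can be compared. The helper names (classify_gnu_stack, classify_canary, audit_binary, aslr_status, demo) are this example's own; the flag names and readelf column layout are those of GNU gcc and binutils.

```shell
#!/bin/sh
# Added example (not part of the original answer): audit a binary for the
# protections the answer's flags turn off, and build a test program both ways.

# classify_gnu_stack: read `readelf -lW` output on stdin and print
#   "execstack"           if the GNU_STACK segment carries the E (execute) flag,
#   "noexecstack"         if it is present without E,
#   "no-gnu-stack-header" if there is no GNU_STACK segment at all.
# The Flg column may be printed as "RW", "RWE" or with spaces ("R E"), so the
# fields between MemSiz ($6) and Align ($NF) are joined before testing for E.
classify_gnu_stack() {
    awk '$1 == "GNU_STACK" {
             found = 1; flags = ""
             for (i = 7; i < NF; i++) flags = flags $i
             if (flags ~ /E/) print "execstack"; else print "noexecstack"
         }
         END { if (!found) print "no-gnu-stack-header" }'
}

# classify_canary: read `readelf -sW` output on stdin and print "canary" if the
# binary references __stack_chk_fail (what -fstack-protector* code calls on a
# smashed canary), else "no-canary".  Works on stripped binaries too, because
# the reference lives in the dynamic symbol table.
classify_canary() {
    awk '/__stack_chk_fail/ { found = 1 }
         END { if (found) print "canary"; else print "no-canary" }'
}

# audit_binary PATH: one line per binary, e.g. "./a.out: noexecstack canary".
audit_binary() {
    stack=$(readelf -lW "$1" | classify_gnu_stack)
    canary=$(readelf -sW "$1" | classify_canary)
    echo "$1: $stack $canary"
}

# aslr_status: report the kernel ASLR knob the answer writes 0 to
# (0 = disabled, 1 = stack/mmap/vdso randomised, 2 = brk randomised as well).
aslr_status() {
    f=/proc/sys/kernel/randomize_va_space
    if [ -r "$f" ]; then
        echo "randomize_va_space=$(cat "$f")"
    else
        echo "randomize_va_space=unavailable"
    fi
}

# demo: compile a harmless program (a bounded fgets into a char array, which is
# enough for gcc to emit a canary under -fstack-protector*) twice and audit both.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/t.c" <<'EOF'
#include <stdio.h>
int main(void) {
    char line[64];                        /* stack buffer: canary candidate */
    if (fgets(line, sizeof line, stdin))  /* bounded read, never overflows */
        fputs(line, stdout);
    return 0;
}
EOF
    # Lab build, exactly the flags from the answer: no canary, executable stack.
    gcc -fno-stack-protector -z execstack -o "$dir/t_lab" "$dir/t.c" || return 1
    # Hardened build: canaries on, stack explicitly marked non-executable.
    gcc -fstack-protector-strong -z noexecstack -o "$dir/t_hard" "$dir/t.c" || return 1
    audit_binary "$dir/t_lab"    # expected: execstack no-canary
    audit_binary "$dir/t_hard"   # expected: noexecstack canary
    aslr_status
    rm -rf "$dir"
}

# Only run the build when the toolchain is actually available.
if command -v gcc >/dev/null 2>&1 && command -v readelf >/dev/null 2>&1; then
    demo || echo "demo: build failed, skipping"
fi
```

Run it as `sh audit.sh`; on a Debian or Ubuntu gcc, which enables -fstack-protector-strong by default, an "unflagged" build from the question will audit as `noexecstack canary`, which is why the answer's two flags are needed for the lab build to behave as the older tutorials assume. Note that the GNU_STACK check tells you the stack is mapped non-executable only if the kernel honours the header, which all mainstream Linux kernels do, and that aslr_status reads the sysctl rather than writing it, so it is safe to run on any machine.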