Is there a way to deactivate Buffer overflow protection on my machine?
GCC
On gcc (man gcc) the checks are enabled by

-fstack-protector
    Emit extra code to check for buffer overflows, such as stack smashing attacks. This is done by adding a guard variable to functions with vulnerable objects. This includes functions that call alloca, and functions with buffers larger than 8 bytes. The guards are initialized when a function is entered and then checked when the function exits. If a guard check fails, an error message is printed and the program exits.

-fstack-protector-all
    Like -fstack-protector except that all functions are protected.

You can disable both by prepending no- to the option name

-fno-stack-protector -fno-stack-protector-all
LLVM/Clang
On LLVM/Clang (http://clang.llvm.org/docs/UsersManual.html#commandline) to enable/disable AddressSanitizer:
-f[no-]address-sanitizer: Turn on AddressSanitizer, a memory error detector.
and SAFECode (http://safecode.cs.illinois.edu/docs/UsersGuide.html)
-f[no-]memsafety
Pallab Gain
I am Fotis Koutoulakis, a Computer Scientist mostly interested in Programming Languages, both theory and implementation. Secondary interests of mine include complexity theory, machine learning and distributed systems.
Updated on September 18, 2022

Comments
-
Pallab Gain over 1 year
I want to do some experiments with buffer overflows on my various virtual machines, including (but not limited to) Debian 6, Ubuntu 12.04, Fedora 16, but every time I try to execute the buffer overflow exploit I get the following message:
stack smashing detected (core dumped)
After doing my research I read that it is a feature called buffer overflow protection implemented in the compiler. GCC for instance uses GCC Stack-Smashing Protector (ProPolice), Clang/LLVM uses two buffer overflow detectors, SafeCode and AddressSanitizer.
My question is: Since I really want to check out buffer overflow attacks on my machines is there a way (a compiler flag, perhaps? a linux config file?) to deactivate the buffer overflow protection?
-
Michuelnik over 11 years
Is there a (simple) way to detect whether a program has been compiled with SSP?
-
Matteo over 11 years
@Michuelnik you could see if the binary contains any reference to __stack_chk_fail (e.g., strings /bin/mybinary | grep __stack_chk_fail)
-
Marcin Krasowski over 10 years
I just tested it with GCC 4.7 and 4.1: option -fno-stack-protector-all is not recognized (-fstack-protector, -fstack-protector-all and -fno-stack-protector are recognized)
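
The __stack_chk_fail check from Matteo's comment, extended into a small audit script (an added example, not part of the original thread). The function names are hypothetical, and the __asan_init marker for AddressSanitizer goes beyond what the comment mentions. A result of "none" is inconclusive for stripped, statically linked binaries and for code built with -fstack-protector where no function had a buffer worth guarding.

```shell
#!/bin/sh
# Added example: report which overflow-detection runtimes an ELF binary references.
# Marker symbols looked for:
#   __stack_chk_fail : stack protector failure handler (named in the comment above)
#   __asan_init      : AddressSanitizer runtime initialiser (assumption: matched as a prefix)

is_elf() {
    # ELF files start with the bytes 7f 45 4c 46 ("\177ELF").
    magic=$(head -c 4 "$1" 2>/dev/null | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "7f454c46" ]
}

has_marker() {
    # -a: read the binary as text, -q: no output, -F: fixed string, not a regex.
    LC_ALL=C grep -aqF -- "$2" "$1"
}

hardening_status() {
    # Prints one of: unreadable, not-elf, none, ssp, asan, ssp,asan
    f=$1
    [ -r "$f" ] || { echo "unreadable"; return 2; }
    is_elf "$f" || { echo "not-elf"; return 2; }
    out=""
    has_marker "$f" "__stack_chk_fail" && out="ssp"
    has_marker "$f" "__asan_init" && out="${out:+$out,}asan"
    echo "${out:-none}"
}

# Audit every file named on the command line.
for bin in "$@"; do
    printf '%s: %s\n' "$bin" "$(hardening_status "$bin")"
done
```

Dynamically linked binaries keep the marker in their dynamic symbol table even after strip, which is why the plain string search works on them.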