3rd-party/linux-kernel-module-cheat
1
0
Fork 0
mirror of https://github.com/cirosantilli/linux-kernel-module-cheat.git synced 2026-01-29 04:54:27 +01:00
Code Issues Releases Wiki Activity

memcpy_overflow failed fortify source attempt

Browse Source
This commit is contained in:
Ciro Santilli
2018-07-06 11:24:02 +01:00
parent 5d9418b276
commit 9c62b82036
2 changed files with 27 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.adoc
View File

@@ -4607,7 +4607,7 @@ Make it harder to get hacked and easier to notice that you were, at the cost of
Detects buffer overflows for us:
....
./build -C 'CONFIG_FORTIFY_SOURCE=y' -L fortify
./build -C 'CONFIG_FORTIFY_SOURCE=y' -L fortify -k
./run -F 'insmod /strlen_overflow.ko' -L fortify
....
@@ -4623,7 +4623,11 @@ followed by a trace.
You may not get this error because this depends on `strlen` overflowing at least until the next page: if a random `\0` appears soon enough, it won't blow up as desired.
I did observe this at link:http://github.com/cirosantilli/linux-kernel-module-cheat/commit/1b451a70d46a5c4619992ad4dd2e4b8f5a84c252[1b451a70d46a5c4619992ad4dd2e4b8f5a84c252] but not at link:http://github.com/cirosantilli/linux-kernel-module-cheat/commit/9b4c1984fc2cb04de0b4d62749cc1f8eabf26c6f[9b4c1984fc2cb04de0b4d62749cc1f8eabf26c6f] TODO: find a more reproducible failure.
TODO not always reproducible. Find a more reproducible failure. I could not observe it on:
....
insmod /memcpy_overflow.ko
....
Source: link:kernel_module/strlen_overflow.c[]