Re: ProPolice/SSP in 7.0




On Fri, 28 Dec 2007, Gunther Mayer wrote:

> Btw, I second the motion of having SSP enabled by default in FreeBSD, other OS's have been doing this for years at a negligible performance overhead.
>
> Gunther

It's too late to make that sort of change for FreeBSD 7.0, but I think that's a good goal for FreeBSD 8.0.

Here's what I think you could do:

1. Verify that enabling SSP works properly.
2. Convince Kris Kennaway to run his mysql benchmarks on a FreeBSD 8 system both with and without SSP to verify that there is no significant slowdown.
3. Get it enabled on FreeBSD 8 by default.
4. Request that the change be made to FreeBSD 7.1 or 7.2 after it has proven to not cause problems on FreeBSD 8.

Since the subject came up, I just tried using it, and it's not giving me the results I expected. Take the following program:

    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>

    void overrun(void);

    int main(void)
    {
        overrun();
    }

    void overrun(void)
    {
        int x;
        char a[4];
        int y;

        strcpy(a, "ABCDE");
        printf("hi");
    }

If I compile it like so:
cc -g -fstack-protector-all overrun.c

The overrun is detected and the program is aborted.
./a.out
Abort (core dumped)

But if I compile it like so:
cc -g -fstack-protector overrun.c

The overrun is not caught.
./a.out
hi>

Either I'm doing something wrong, or we have gcc misconfigured and it's not detecting that strcpy is a function which needs to be watched closely.

Mike "Silby" Silbersack