[PATCH] draft: better string overflow checking (was: memory corruption in SAMBA_3_0)
Andrew Bartlett
abartlet at samba.org
Wed Mar 5 10:57:29 GMT 2003
On Wed, 2003-03-05 at 16:11, Martin Pool wrote:
> I was thinking about Andrew's fstring-overflow patch from a few weeks
> ago: for developer builds, it touches the last byte of a string buffer
> to check that it's as long as it should be.
>
> This should be reasonably helpful in catching string overflows on the
> heap, but not so good on the stack, because the program can probably
> write arbitrarily far past stack variables without trapping, even
> under Valgrind. Writing a \0 in there will damage *something* and
> probably make the program crash, but it won't be very obvious. I
> think this might have been what Jerry saw the other day.
>
> I think this patch is better: it thoroughly clobbers the contents of
> string buffers to make any fstring/pstring/dynamic confusion obvious.
>
> Here is an example that is caught in developer builds with this patch,
> but is hard to catch otherwise:
>
> #include "includes.h"
>
> int main(void)
> {
>     fstring dest;
>
>     pstrcpy(dest, "hello");
>
>     return 0;
> }
>
> This fails with an obvious message under gdb:
>
> #0 0xf1f1f1f1 in ?? ()
> Cannot access memory at address 0xf1f1f1f1
>
> Please don't apply this yet because I want to see if it catches any
> bugs, but I'd love to hear comments.
This will (compared to other checks) slow things down, as we keep
filling out those pstrings, but I think it's a great idea - and will
catch bugs!
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
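
The clobbering check discussed in this thread, as an added example that is not part of the original messages or Samba's code: it shows why a short copy with a wrong length claim is silent in a normal build and obvious once the destination is filled first. All names and the 16/64 byte sizes are hypothetical stand-ins, the 0xF1 fill is chosen to match the gdb output quoted above, and the mismatch is simulated inside one array so nothing really overflows.

```c
#include <stdio.h>
#include <string.h>

#define SMALL_LEN    16    /* stand-in for the real (fstring-like) buffer size */
#define BIG_LEN      64    /* stand-in for the size the copy wrongly assumes */
#define CLOBBER_BYTE 0xF1  /* assumed fill value, as in 0xf1f1f1f1 above */
#define IDLE_BYTE    0xAA  /* constructed marker for untouched memory */

/* Copy src into dest, which the caller claims holds claimed_len bytes.
 * With developer != 0 the whole claimed length is filled first, so a wrong
 * claim changes memory even when src itself is short. */
static void clobber_copy(unsigned char *dest, size_t claimed_len,
                         const char *src, int developer)
{
    size_t n = strlen(src);

    if (claimed_len == 0)
        return;
    if (developer)
        memset(dest, CLOBBER_BYTE, claimed_len);
    if (n >= claimed_len)
        n = claimed_len - 1;          /* truncate, leaving room for the NUL */
    memcpy(dest, src, n);
    dest[n] = '\0';
}

/* The first SMALL_LEN bytes of the arena play the real buffer; the rest
 * stands for whatever lives next to it. Returns how many neighbouring
 * bytes the copy changed when BIG_LEN is claimed by mistake. */
static size_t neighbour_damage(const char *src, int developer)
{
    unsigned char arena[BIG_LEN];
    size_t i, damaged = 0;

    memset(arena, IDLE_BYTE, sizeof arena);
    clobber_copy(arena, BIG_LEN, src, developer);   /* wrong length claimed */
    for (i = SMALL_LEN; i < BIG_LEN; i++)
        if (arena[i] != IDLE_BYTE)
            damaged++;
    return damaged;
}

int main(void)
{
    printf("normal build:    %zu neighbouring bytes changed\n",
           neighbour_damage("hello", 0));
    printf("developer build: %zu neighbouring bytes changed\n",
           neighbour_damage("hello", 1));
    return 0;
}
```

On a real stack the bytes past the buffer include saved registers and the return address, which is why the quoted gdb session stops at an address made of the fill byte.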