Firewall Wizards mailing list archives

Re: StackGuard


From: Crispin Cowan <crispin () cse ogi edu>
Date: Thu, 09 Jul 1998 09:24:58 -0700

Joseph S. D. Yao wrote:

> > btw did anybody look at StackGuard close enough to tell if it could be
> > functional on *BSD systems?
>
> The cited Web page mentioned, off-hand, that Linux is "probably" a
> prerequisite.  The compiler README says, more specifically:
>
> "I only tested for Redhat Linux 4.2 (linux kernel 2.0.30) on Intel
> x86's.  I don't see much reason for it to care what Unix OS you have
> (must have signals, printf, syslog, and ... ?), but it definitely
> won't do anything for non x86 as only x86 instructions are emitted for
> canaries.  The canary library is architecture independant [sic], but might
> be more sensitive to OS."

As in "we don't have any *BSD systems."  No one has ever reported an attempt
to use StackGuard on a BSD system to me, so I don't know what will happen.
The biggest OS dependency in the compiler on the web page is that it wants to
see /dev/urandom.

The new version we're preparing to support shared libraries is definitely
ELF-specific.  The canary-checking code generator needs to know something
about ELF to be able to generate relocatable canary-checking code.

> Canaries, for those who didn't get the joke, are explained further in
> the README.  The practice was hardly limited to the Welsh - it was done
> widely here in the States, too.  [Welch is a grape products company, or
> something cads do with responsibilities, folks!]

And Welsh was spelled correctly in the paper :-)  Canary may be a cutesy
term, but I think of it as more of an analogy than a joke.  StackGuard really
does nothing to prevent the attacker's stack smash; it just makes the smash
non-exploitable because the victim program checks the canary before it does a
function return.

Crispin
-----
 Crispin Cowan, Research Assistant Professor of Computer Science, OGI
    StackGuard: protect your software against Stack Smashing Attack
       http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/

                 Support Justice:  Boycott Windows 98
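
The canary check described in the message's last paragraph, as an added C model that is not part of the original post and is not StackGuard's code or its generated instructions. The `struct frame` layout, the `call_protected` function and the `0x1000` return address are assumptions made for illustration; the overflow is confined to the simulated frame so the program stays well defined.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated frame (an assumption, not StackGuard's real layout code):
 * the buffer sits lowest, so a linear overflow crosses the canary
 * before it can reach the saved return address. */
struct frame {
    char     buf[16];
    uint64_t canary;
    uint64_t ret_addr;
};

/* Random canary word; the message notes the compiler wants /dev/urandom. */
static int random_canary(uint64_t *out) {
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t n = fread(out, sizeof *out, 1, f);
    fclose(f);
    return n == 1 ? 0 : -1;
}

/* Models one protected call. Returns 0 if the return may proceed,
 * 1 if the epilogue check found a changed canary, -1 on error.
 * *ret_seen receives the saved return address as it stands afterwards. */
int call_protected(const void *input, size_t len, uint64_t *ret_seen) {
    struct frame fr;
    uint64_t canary;
    if (len > sizeof fr) return -1;      /* keep the model inside the frame */
    if (random_canary(&canary) != 0) return -1;
    memset(&fr, 0, sizeof fr);
    fr.canary = canary;                  /* prologue: place the canary */
    fr.ret_addr = 0x1000;                /* constructed return address */
    memcpy(&fr, input, len);             /* body: copy with no check against buf */
    *ret_seen = fr.ret_addr;
    return fr.canary != canary;          /* epilogue: check before returning */
}

int main(void) {
    char in[sizeof(struct frame)];       /* constructed input: all 'A' bytes */
    uint64_t ret;
    memset(in, 'A', sizeof in);
    int ok = call_protected(in, 16, &ret);
    printf("16 bytes: verdict %d, ret %#llx\n", ok, (unsigned long long)ret);
    int bad = call_protected(in, sizeof in, &ret);
    printf("32 bytes: verdict %d, ret %#llx\n", bad, (unsigned long long)ret);
    return 0;
}
```

In the 32-byte case the saved return address has been overwritten, which is the smash that is not prevented; the verdict of 1 is what keeps the program from returning through it.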