Hi Guy,

guy keren wrote:

AFAIK Valgrind does not detect either stack or static buffer overflows at all.

[EMAIL PROTECTED]:~$ cat c2.c
#include <stdio.h>

void f(char* p_i )
{
    char i[1024];

    f(i);
}

int main()
{
    f((char*)NULL);

    return 0;
}
[EMAIL PROTECTED]:~$ gcc -Wall c2.c
[EMAIL PROTECTED]:~$ ./a.out
Segmentation fault (core dumped)
[EMAIL PROTECTED]:~$ valgrind
valgrind           valgrind.bin       valgrind-listener
[EMAIL PROTECTED]:~$ valgrind ./a.out
==5741== Memcheck, a memory error detector.
==5741== Copyright (C) 2002-2006, and GNU GPL'd, by Julian Seward et al.
==5741== Using LibVEX rev 1658, a library for dynamic binary translation.
==5741== Copyright (C) 2004-2006, and GNU GPL'd, by OpenWorks LLP.
==5741== Using valgrind-3.2.1-Debian, a dynamic binary instrumentation framework.
==5741== Copyright (C) 2000-2006, and GNU GPL'd, by Julian Seward et al.
==5741== For more details, rerun with: -v
==5741==
==5741== Stack overflow in thread 1: can't grow stack to 0xBE68BF44
How do you interpret these 'Stack overflow in thread 1: can't grow stack to 0xBE68BF44' messages?


Your program does a stack overflow. What Valgrind doesn't detect are stack *buffer* overflows, which is something completely different.

Try (stolen from the Wikipedia article on Valgrind btw):

int Static[5];

int func(void)
{
    int Stack[5];

    Static[5] = 0;  /* boom! Static[0] to Static[4] exist, Static[5] is out of bounds */
    Stack[5] = 0;   /* bang!  Stack[0] to  Stack[4] exist,  Stack[5] is out of bounds */

    return 0;
}

int main(void)
{
    return func();  /* both out-of-bounds writes run here; Memcheck reports neither */
}


Regarding static buffers: a test program shows that indeed Valgrind does not report such overflows. Even worse, it seems to hide errors of writing into read-only global variables (apparently it allocates global const buffers in read/write memory, while when loading the program without Valgrind, ld.so (or whoever) loads them into read-only memory, and writes into them cause a crash).
--guy.

Indeed.

Gilad



--
Gilad Ben-Yossef Chief Coffee Drinker

Codefidence Ltd.
The code is free, your time isn't.(TM)

Web:    http://codefidence.com
Email:  [EMAIL PROTECTED]
Office: +972-8-9316883 ext. 201
Fax:    +972-8-9316885
Mobile: +972-52-8260388

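Why Memcheck reports a heap overflow but stays silent on the stack and static cases in this thread: it keeps one addressability bit per byte, and only blocks handed out by its malloc replacement get unaddressable red zones around them; the stack and the data segment are whole mapped regions, so an off-by-one there lands on a byte that is perfectly addressable. The toy C model below is an added illustration for this thread, not code from the thread or from Valgrind itself; it simulates that shadow memory over a constructed 256-byte address space, and toy_malloc, setup_stack and checked_store are made-up names.

```c
/* Toy model of Memcheck-style shadow memory: one addressability (A) bit per
 * byte of a 256-byte address space. Bytes 0..127 act as the heap and become
 * addressable only via toy_malloc(), which puts a red zone around each block;
 * bytes 128..255 act as the stack and are addressable as one mapped region. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SPACE 256
#define HEAP_END 128
#define REDZONE 16

static uint8_t mem[SPACE];          /* the bytes programs read and write */
static uint8_t addressable[SPACE];  /* shadow memory: 1 = A bit set */
static size_t heap_top = 0;

/* Allocate n bytes on the toy heap; returns the start address or -1. */
static int toy_malloc(size_t n)
{
    size_t start = heap_top + REDZONE;
    if (start + n + REDZONE > HEAP_END)
        return -1;
    memset(addressable + start, 1, n);  /* only the block itself is addressable */
    heap_top = start + n + REDZONE;
    return (int)start;
}

/* The stack is one mapped region: every byte of it is addressable. */
static void setup_stack(void) { memset(addressable + HEAP_END, 1, SPACE - HEAP_END); }

/* Checked 1-byte store; reports and returns 1 when the A bit is clear. */
static int checked_store(int addr, uint8_t val)
{
    if (addr < 0 || addr >= SPACE || !addressable[addr]) {
        printf("Invalid write of size 1 at address %d\n", addr);
        return 1;
    }
    mem[addr] = val;
    return 0;
}

int main(void)
{
    setup_stack();
    int heap_buf = toy_malloc(5);        /* like malloc(5): bytes 16..20 */
    int stack_buf = HEAP_END + REDZONE;  /* like char buf[5] on the stack */
    printf("heap_buf[5]  = 0 -> %d error(s)\n", checked_store(heap_buf + 5, 0));
    printf("stack_buf[5] = 0 -> %d error(s)\n", checked_store(stack_buf + 5, 0));
    return 0;
}
```

The heap off-by-one hits a red-zone byte and is reported; the stack off-by-one hits an addressable byte and passes silently, which is exactly the gap the thread describes. Stack and static buffer overflows are the territory of compile-time instrumentation such as GCC's -fstack-protector canaries or AddressSanitizer (-fsanitize=address), not of Memcheck.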