aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLeah Neukirchen <leah@vuxu.org>2019-12-19 12:51:29 +0100
committerLeah Neukirchen <leah@vuxu.org>2019-12-19 12:51:29 +0100
commita34791cc02949d22d2b4a5f7e0ddc63d617dd6d0 (patch)
tree62deadf77ae4bb9e3ca46faaebcc332144282429
parentf2a8f228da6b1a73f40abc5a5e83433d67c38943 (diff)
downloadfail-a34791cc02949d22d2b4a5f7e0ddc63d617dd6d0.tar.gz
fail-a34791cc02949d22d2b4a5f7e0ddc63d617dd6d0.tar.xz
fail-a34791cc02949d22d2b4a5f7e0ddc63d617dd6d0.zip
add -S for stack smashing
-rw-r--r--README6
-rw-r--r--fail.19
-rw-r--r--fail.c15
3 files changed, 24 insertions, 6 deletions
diff --git a/README b/README
index bf5a812..7c766ec 100644
--- a/README
+++ b/README
@@ -4,7 +4,7 @@ NAME
fail – crash in various possible ways
SYNOPSIS
- fail [-123DORabcdikrst]
+ fail [-123DORSabcdikrst]
DESCRIPTION
fail crashes in various possible ways to help you debug how other
@@ -32,6 +32,8 @@ DESCRIPTION
-R Trigger an infinite recursion that uses alloca(3) heavily (to
test GCC's -fstack-clash-protection).
+ -S Smash the stack using strcpy(3), to test GCC's -fstack-protector.
+
-a Call abort(3).
-b Trigger SIGBUS by accessing mmap(2) memory beyond the end of a
@@ -69,4 +71,4 @@ LICENSE
http://creativecommons.org/publicdomain/zero/1.0/
-Void Linux January 11, 2019 Void Linux
+Void Linux December 19, 2019 Void Linux
diff --git a/fail.1 b/fail.1
index 8026683..fb7b3ec 100644
--- a/fail.1
+++ b/fail.1
@@ -1,4 +1,4 @@
-.Dd January 11, 2019
+.Dd December 19, 2019
.Dt FAIL 1
.Os
.Sh NAME
@@ -6,7 +6,7 @@
.Nd crash in various possible ways
.Sh SYNOPSIS
.Nm
-.Op Fl 123DORabcdikrst
+.Op Fl 123DORSabcdikrst
.Sh DESCRIPTION
.Nm
crashes in various possible ways to
@@ -50,6 +50,11 @@ heavily
to test GCC's
.Fl fstack-clash-protection
.Pc .
+.It Fl S
+Smash the stack using
+.Xr strcpy 3 ,
+to test GCC's
+.Fl fstack-protector .
.It Fl a
Call
.Xr abort 3 .
diff --git a/fail.c b/fail.c
index 855189c..a054e6e 100644
--- a/fail.c
+++ b/fail.c
@@ -14,6 +14,7 @@
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
#include <unistd.h>
void
@@ -90,6 +91,15 @@ recurse_alloca(char *n)
}
void
+stack_smash()
+{
+ char buffer[2];
+ strcpy(buffer, "stack smash stack smash stack smash stack smash");
+ printf("%s", buffer);
+ /* if we exit here, gcc may optimize the smashing detection away */
+}
+
+void
abortme()
{
abort();
@@ -160,7 +170,7 @@ main(int argc, char *argv[])
{
int c;
- while ((c = getopt(argc, argv, "123DORabcdikrst")) != -1) {
+ while ((c = getopt(argc, argv, "123DORSabcdikrst")) != -1) {
switch (c) {
case '1': exit(-1); break;
case '2': exit(2); break;
@@ -176,10 +186,11 @@ main(int argc, char *argv[])
case 'k': killme(); break;
case 'r': recurse(0); break;
case 's': segfault(); break;
+ case 'S': stack_smash(); break;
case 't': trap(); break;
}
}
- write(2, "Usage: fail [-123ORabcdikrst]\n", 30);
+ write(2, "Usage: fail [-123ORSabcdikrst]\n", 31);
exit(1);
}