如何关闭 Glibc 运行时保护?
我正在尝试了解代码漏洞,并正在测试我编写的一些简单程序。然而,Glibc 在运行时捕获的许多问题(例如 Stack-Smashing、Double Free 等)。因此我希望能够在没有 Glibc 运行时检测错误的情况下运行我的程序。有没有办法关闭Glibc的检测? (比如编译器标志等)。
我在之前的链接中看到它描述了如何关闭 ASLR 和 Canary,但这不是我想要做的,因为它仍然会阻止像 Double Free 这样的错误和我想尝试的其他一些堆错误(http ://stackoverflow.com/questions/2340259/how-to-turn-off-gcc-compiler-optimization-to-enable-buffer-overflow)。
我还知道您可以使用 -w 标志关闭编译时警告,但这似乎也不是我想要的。我尝试过阅读 GCC 标志并查找有关 Glibc 的信息,但我还没有取得任何进展。因此,我将非常感谢任何帮助。谢谢。
I am trying to learn about code vulnerabilities, and am testing some simple programs I wrote. However, many of the issues Glibc catches during runtime (e.g. Stack-Smashing, Double Free, etc.). Thus I would like to be able to run my programs without Glibc's runtime detection errors. Is there a way to turn off Glibc's detection? (like with a compiler flag, etc).
I saw in a previous link it is described how to turn off ASLR and Canaries, but this is not what I'd like to do, since it still stops errors like a Double Free and some other heap errors I want to try out (http://stackoverflow.com/questions/2340259/how-to-turn-off-gcc-compiler-optimization-to-enable-buffer-overflow).
I also know you can turn off compile-time warnings with the -w flags but that doesn't seem to be what I want either. I've tried reading over the GCC flags and looking up information about Glibc, but I haven't gotten anywhere yet. Thus I would greatly appreciate any help. Thanks.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
检查 malloc(3) 的手册页以了解 MALLOC_CHECK_ 环境变量的用法。使用这个,您可以关闭那些双重免费错误和诸如此类的东西的“中止”。
因此,如果您的程序被称为“badfree”,您可以使用导出命令设置 MALLOC_CHECK_(注意尾随下划线),或者只是在每次执行 badfree 时设置它。
--或者-
请记住,如果您使用第一种方法,它是为您在该 shell 中运行的任何程序设置的。
malloc(3) 手册页中的 MALLOC_CHECK_ 设置为:
Check the man page for malloc(3) for usage of the MALLOC_CHECK_ environment variable. Using this, you can turn off 'aborts' for those double free errors and whatnot to play with things.
So if your program was called 'badfree', you can either set MALLOC_CHECK_ (note trailing underscore) with an export command, or just set it every execution of badfree.
--or--
Just remember if you use the first method, it's set for ANY program you run in that shell.
Settings for MALLOC_CHECK_ from the malloc(3) man page are:
您可以重载
operator new和operator delete,但这对于使用malloc和free<的程序没有帮助。 /代码>。当然,您也可以编写自己的实现,但在某些操作系统上重载 C 库函数可能有点困难。从概念上讲,双重释放和释放(未分配的指针)之间有什么区别?
You can overload
operator newandoperator delete, but that isn't going to help with a program that usesmallocandfree. You can of course write your own implementations of those, also, but overloading C-library functions can be a bit challenging on some OSs.What, conceptually, is the difference between a double free and
free (unallocated_pointer)?您至少应该能够
在编译时
关闭堆栈保护编辑:抱歉,刚刚发现这对您来说还不够
似乎并不容易,因为 glibc 对于所有程序来说都是全局的,所以这会很糟糕如果你能关闭保护的话。
我的建议是安装一个没有堆保护的旧 Linux 发行版(2003 年中期或更早的版本应该可以)。
You should at least be able to turn off stack protection with
at compiletime
Edit: sorry, have just seen that this isn't enough for you
Doesn't seem to be easy because glibc is global for all programs, so it would be pretty bad if you could turn the protection off.
My proposal would be to install an old linux distribution that has no heap protection (mid 2003 or earlier should work).