[cfe-dev] stack overflow detection?

Jeffrey Walton noloader at gmail.com
Tue Sep 17 16:04:58 PDT 2013


On Tue, Sep 17, 2013 at 3:18 PM, Greg Fitzgerald <garious at gmail.com> wrote:
> ...
>> If you want dynamic detection, then Address Sanitizer (which is built into Clang) or SAFECode
>
> Dynamic detection.  I tried with Address Sanitizer and no luck
> out-of-the-box.  I think it can detect stack-buffer-overflow (aka
> stack corruption), but not stack overflow.

You also have the more traditional tools like -fstack-protector or
-fstack-protector-all, FORTIFY_SOURCES=2. FORTIFY_SOURCES will help in
situations where the compiler can deduce destination buffer sizes. In
this case, the compiler will insert a call to a 'safer' variant of a
dangerous function (for example, strlcat/strcat_s instead of strcat).
It applies to both stack and heap. All of these should be present in
your production code.

If you're also concerned about what the overflow leads to (most often
code execution), then you can also use -Wl,-z,noexecstack and
-Wl,-z,noexecheap. The bad guy usually wants to corrupt memory and
execute his code, so these should probably be present in your
production code if available.

There are some others too.
https://www.owasp.org/index.php/C-Based_Toolchain_Hardening.

Sorry to drift a bit from "what does Clang offer".

Jeff

> Eli Friedman wrote:
>> No such support exists at the moment.
>
> Is anyone aware of another C compiler that adds instrumentation for
> stack overflow detection?
>
> Thanks,
> Greg
>
> On Tue, Sep 17, 2013 at 3:03 PM, John Criswell <criswell at illinois.edu> wrote:
>> On 9/17/13 4:57 PM, Greg Fitzgerald wrote:
>>>
>>> Does clang offer any tools for detecting when a program is about to
>>> segfault due to stack overflow?
>>
>>
>> If you want dynamic detection, then Address Sanitizer (which is built into
>> Clang) or SAFECode (which has its own version of Clang into which it is
>> integrated) will do the trick.
>>
>> If you're asking about the Clang static analyzer, then I do not know.
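
Added example, not part of the original thread: a small Python check for whether the options named in the reply above (-fstack-protector, FORTIFY, -Wl,-z,noexecstack) left a trace in a little-endian ELF64 binary. The function names and the two sample images are constructed for illustration, and the symbol search is a byte-level heuristic rather than a symbol-table walk.

```python
import re
import struct
import sys

PT_GNU_STACK = 0x6474E551  # program header that carries the stack permissions
PF_X = 0x1                 # "executable" bit in p_flags

def audit_elf(data: bytes) -> dict:
    """Report traces of stack protector, FORTIFY and noexecstack in an ELF64 LE image."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("expected a little-endian ELF64 image")
    (e_phoff,) = struct.unpack_from("<Q", data, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 0x36)
    nx_stack = None  # stays None when there is no PT_GNU_STACK header at all
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from("<II", data, e_phoff + i * e_phentsize)
        if p_type == PT_GNU_STACK:
            nx_stack = not (p_flags & PF_X)
    # Heuristic: search the raw bytes for symbol names instead of walking .dynsym.
    canary = b"__stack_chk_fail" in data
    chk = sorted({m.decode() for m in re.findall(rb"__[a-z]+_chk(?=\0)", data)})
    return {"nx_stack": nx_stack, "stack_protector": canary, "fortified_calls": chk}

def make_sample(stack_flags: int, strings: bytes) -> bytes:
    """Constructed image: ELF64 header, one PT_GNU_STACK header, a fake string table."""
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01", 2, 62, 1,
                       0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    return ehdr + phdr + strings

# Constructed samples: flags 6 = RW stack, flags 7 = RWX stack.
HARDENED = make_sample(6, b"\0__stack_chk_fail\0__strcat_chk\0strcpy\0")
WEAK = make_sample(7, b"\0strcat\0strcpy\0")

if __name__ == "__main__":
    if len(sys.argv) > 1:          # audit a real binary given on the command line
        with open(sys.argv[1], "rb") as fh:
            print(audit_elf(fh.read()))
    else:
        print("hardened:", audit_elf(HARDENED))
        print("weak:    ", audit_elf(WEAK))
```

A result of nx_stack None means the image has no PT_GNU_STACK header, so the loader's default stack permissions apply.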


