summaryrefslogtreecommitdiff
path: root/lib/libc/sys/stack_protector.c
blob: a6b147c1e22859035fdb41daf64f5915cb65521e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
/*	$OpenBSD: stack_protector.c,v 1.12 2012/08/24 01:28:54 matthew Exp $	*/

/*
 * Copyright (c) 2002 Hiroaki Etoh, Federico G. Schwindt, and Miodrag Vallat.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 *
 */

#include <sys/param.h>
#include <sys/sysctl.h>
#include <signal.h>
#include <string.h>
#include <syslog.h>
#include <unistd.h>

extern int __sysctl(int *, u_int, void *, size_t *, void *, size_t);

#ifdef __ELF__
long __guard[8] __attribute__((section(".openbsd.randomdata")));
#else
long __guard[8] = {0, 0, 0, 0, 0, 0, 0, 0};
#endif

static void __guard_setup(void) __attribute__ ((constructor));
void __stack_smash_handler(char func[], int damaged __attribute__((unused)));

static void
__guard_setup(void)
{
	int mib[2];
	size_t i, len;

	for (i = 0; i < sizeof(__guard) / sizeof(__guard[0]); i++)
		if (__guard[i] != 0)
			return;

#if 0
	{
		struct syslog_data sdata = SYSLOG_DATA_INIT;
		syslog_r(LOG_WARNING, &sdata, "__guard not initialized");
	}
#endif

	mib[0] = CTL_KERN;
	mib[1] = KERN_ARND;

	len = sizeof(__guard);
	if (__sysctl(mib, 2, __guard, &len, NULL, 0) == -1 ||
	    len != sizeof(__guard)) {
		/* If sysctl was unsuccessful, use the "terminator canary". */
		((unsigned char *)__guard)[0] = 0;
		((unsigned char *)__guard)[1] = 0;
		((unsigned char *)__guard)[2] = '\n';
		((unsigned char *)__guard)[3] = 255;
	}
}

/*ARGSUSED*/
void
__stack_smash_handler(char func[], int damaged)
{
	struct syslog_data sdata = SYSLOG_DATA_INIT;
	const char message[] = "stack overflow in function %s";
	struct sigaction sa;
	sigset_t mask;

	/* Immediately block all signal handlers from running code */
	sigfillset(&mask);
	sigdelset(&mask, SIGABRT);
	sigprocmask(SIG_BLOCK, &mask, NULL);

	/* This may fail on a chroot jail... */
	syslog_r(LOG_CRIT, &sdata, message, func);

	bzero(&sa, sizeof(struct sigaction));
	sigemptyset(&sa.sa_mask);
	sa.sa_flags = 0;
	sa.sa_handler = SIG_DFL;
	sigaction(SIGABRT, &sa, NULL);

	kill(getpid(), SIGABRT);

	_exit(127);
}