diff options
| author | Clément Gallet <clement.gallet@ens-lyon.org> | 2023-02-09 16:59:39 +0100 |
|---|---|---|
| committer | Clément Gallet <clement.gallet@ens-lyon.org> | 2023-02-09 16:59:39 +0100 |
| commit | abc7e151e45c9b403680c74cf5c509d10a787cff (patch) | |
| tree | b558f49ea3c80b521f19965a5adea448d4ecc4fc | |
| parent | d236fe4ae2db7d8a840cbd8f0eaf2c1c3ed5c478 (diff) | |
Print stack canarystacksmashing
| -rw-r--r-- | src/library/checkpoint/Checkpoint.cpp | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/src/library/checkpoint/Checkpoint.cpp b/src/library/checkpoint/Checkpoint.cpp index 47dc7ce8..2c4cb51f 100644 --- a/src/library/checkpoint/Checkpoint.cpp +++ b/src/library/checkpoint/Checkpoint.cpp @@ -277,6 +277,41 @@ int Checkpoint::checkRestore() return SaveStateManager::ESTATE_OK; } +unsigned long read_canary() +{ + unsigned long val = 0; + +#ifdef __x86_64__ + __asm__("movq %%fs:0x28, %0;" +#elif __i386__ + __asm__("movq %%fs:0x28, %0;" +#elif __arm__ + __asm__("ldr r0, =__stack_chk_guard; ldr r0, [r0]; mov %0, r0;" +#endif + : "=r"(val) + : + :); + + return val; +} + +void printStack(void* caller_frame) +{ + debuglogstdio(LCF_CHECKPOINT | LCF_INFO, "Print stack content around caller frame:"); + uintptr_t cf = reinterpret_cast<uintptr_t>(caller_frame); + uintptr_t ad = cf - 0xa0; + unsigned long int* val = reinterpret_cast<unsigned long int*>(ad); + for (int i=0; i<40; i++) { + if (i==1 || i==29) + debuglogstdio(LCF_CHECKPOINT | LCF_INFO, "--> %p: %016lx", ad, *val); + else + debuglogstdio(LCF_CHECKPOINT | LCF_INFO, " %p: %016lx", ad, *val); + ad += 8; + val++; + } + +} + void Checkpoint::handler(int signum) { #ifdef __unix__ @@ -292,6 +327,13 @@ void Checkpoint::handler(int signum) #endif if (SaveStateManager::isLoading()) { + debuglogstdio(LCF_CHECKPOINT | LCF_INFO, "Canary value: %lx", read_canary()); + void* caller_frame = __builtin_frame_address(1); + debuglogstdio(LCF_CHECKPOINT | LCF_INFO, "Frame address of caller: %p", caller_frame); + + debuglogstdio(LCF_CHECKPOINT | LCF_INFO, "Stack content before loading"); + printStack(caller_frame); + #ifdef __unix__ /* Before reading from the savestate, we must keep some values from * the connection to the X server, because they are used for checking @@ -350,6 +392,9 @@ void Checkpoint::handler(int signum) /* We must restore the current stack frame from the savestate */ AltStack::restoreStackFrame(); + + debuglogstdio(LCF_CHECKPOINT | LCF_INFO, "Stack content after loading"); + printStack(caller_frame); } else { /* Check that base savestate exists, otherwise save it */ |