1 /* $OpenBSD: stack_protector.c,v 1.12 2012/08/24 01:28:54 matthew Exp $ */ 2 3 /* 4 * Copyright (c) 2002 Hiroaki Etoh, Federico G. Schwindt, and Miodrag Vallat. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 18 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 19 * DISCLAIMED. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, 20 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 21 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 22 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 24 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 25 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 * POSSIBILITY OF SUCH DAMAGE. 27 * 28 */ 29 30 #include <sys/param.h> 31 #include <sys/sysctl.h> 32 #include <signal.h> 33 #include <string.h> 34 #include <syslog.h> 35 #include <unistd.h> 36 37 extern int __sysctl(int *, u_int, void *, size_t *, void *, size_t); 38 39 #ifdef __ELF__ 40 long __guard[8] __attribute__((section(".openbsd.randomdata"))); 41 #else 42 long __guard[8] = {0, 0, 0, 0, 0, 0, 0, 0}; 43 #endif 44 45 static void __guard_setup(void) __attribute__ ((constructor)); 46 void __stack_smash_handler(char func[], int damaged __attribute__((unused))); 47 48 static void 49 __guard_setup(void) 50 { 51 int mib[2]; 52 size_t i, len; 53 54 for (i = 0; i < sizeof(__guard) / sizeof(__guard[0]); i++) 55 if (__guard[i] != 0) 56 return; 57 58 #if 0 59 { 60 struct syslog_data sdata = SYSLOG_DATA_INIT; 61 syslog_r(LOG_WARNING, &sdata, "__guard not initialized"); 62 } 63 #endif 64 65 mib[0] = CTL_KERN; 66 mib[1] = KERN_ARND; 67 68 len = sizeof(__guard); 69 if (__sysctl(mib, 2, __guard, &len, NULL, 0) == -1 || 70 len != sizeof(__guard)) { 71 /* If sysctl was unsuccessful, use the "terminator canary". */ 72 ((unsigned char *)__guard)[0] = 0; 73 ((unsigned char *)__guard)[1] = 0; 74 ((unsigned char *)__guard)[2] = '\n'; 75 ((unsigned char *)__guard)[3] = 255; 76 } 77 } 78 79 /*ARGSUSED*/ 80 void 81 __stack_smash_handler(char func[], int damaged) 82 { 83 struct syslog_data sdata = SYSLOG_DATA_INIT; 84 const char message[] = "stack overflow in function %s"; 85 struct sigaction sa; 86 sigset_t mask; 87 88 /* Immediately block all signal handlers from running code */ 89 sigfillset(&mask); 90 sigdelset(&mask, SIGABRT); 91 sigprocmask(SIG_BLOCK, &mask, NULL); 92 93 /* This may fail on a chroot jail... */ 94 syslog_r(LOG_CRIT, &sdata, message, func); 95 96 bzero(&sa, sizeof(struct sigaction)); 97 sigemptyset(&sa.sa_mask); 98 sa.sa_flags = 0; 99 sa.sa_handler = SIG_DFL; 100 sigaction(SIGABRT, &sa, NULL); 101 102 kill(getpid(), SIGABRT); 103 104 _exit(127); 105 } 106