Buffer Overflow Tool <May be OT>


Sheth Raxit

Is there any open-source/free tool to detect all possible overflows in
the code?

Situation:
Recently I came across some old code <written by some careless
programmer, not having 'useful' documentation>.

What I am doing... <since the last few days.>

1. Analyzing code flow using cflow and cscope.
2. Removing all possible warnings <by gcc's -Wall option.>
3. Found some crashes in dynamic memory stuff <trying to fix/catch more
using Valgrind, <I am on Linux> >; a few crashes fixed using gdb.
4. I suspect there are a few <or say more> array overrun kinds of things
in the code. The code is in C only. Any way to detect possible
array/buffer overflows? <any tool/library/compiler options etc.>

<Please note: some of my friends have told me to use Java; it is not
possible at this stage.>

It would be great if you can provide any realistic/practical suggestion
<except reviewing the whole code carefully and detecting manually.>

-Raxit
 

Ben Bacarisse

Sheth Raxit said:
Is there any open-source/free tool to detect all possible overflows in
the code?

Yes, it is off topic, but there are enough clues to be pretty sure
that if you install the mudflap libraries and compile (and
link) with these (see the -fmudflap option) you will get something close
to what you are looking for. For more on this (and opinions from
wiser heads than mine) you must post to a platform-specific group
(maybe news:comp.unix.programming?)
 

Philip Potter

Ben said:
Yes, it is off topic, but there are enough clues to be pretty sure
that if you install the mudflap libraries and compile (and
link) with these (see the -fmudflap option) you will get something close
to what you are looking for. For more on this (and opinions from
wiser heads than mine) you must post to a platform-specific group
(maybe news:comp.unix.programming?)

ITYM comp.unix.programmer
 

user923005

Is there any open-source/free tool to detect all possible overflows in
the code?

Situation:
Recently I came across some old code <written by some careless
programmer, not having 'useful' documentation>.

What I am doing... <since the last few days.>

1. Analyzing code flow using cflow and cscope.
2. Removing all possible warnings <by gcc's -Wall option.>
3. Found some crashes in dynamic memory stuff <trying to fix/catch more
using Valgrind, <I am on Linux> >; a few crashes fixed using gdb.

Electric Fence is also popular. There is a bounds-checking GCC, but I
have not tried it.

4. I suspect there are a few <or say more> array overrun kinds of things
in the code. The code is in C only. Any way to detect possible
array/buffer overflows? <any tool/library/compiler options etc.>

I like this thing:
http://duma.sourceforge.net/

<Please note: some of my friends have told me to use Java; it is not
possible at this stage.>

It would be great if you can provide any realistic/practical suggestion
<except reviewing the whole code carefully and detecting manually.>

Note:
There are not really any C questions here, but I could not think of a
more appropriate group to forward to. No doubt there is one, but I
don't know what it is.
 

Tor Rustad

Sheth said:
Is there any open-source/free tool to detect all possible overflows in
the code?

Situation:
Recently I came across some old code <written by some careless
programmer, not having 'useful' documentation>.

What I am doing... <since the last few days.>

1. Analyzing code flow using cflow and cscope.
2. Removing all possible warnings <by gcc's -Wall option.>

Can you add the -pedantic and -ansi switches too?

The next step is to look into adding more static analysis via a lint tool,
e.g. 'splint', but that requires a lot of effort if you have never used
such a tool before.

3. Found some crashes in dynamic memory stuff <trying to fix/catch more
using Valgrind, <I am on Linux> >; a few crashes fixed using gdb.

Another useful tool is Electric Fence, which often core dumps at the point
of overflow.

However, a while back I read a report from a supercomputing center
where they had analyzed different memory tools; of these, Valgrind was
the best free tool, but was well behind the best commercial tools.

It would be great if you can provide any realistic/practical suggestion
<except reviewing the whole code carefully and detecting manually.>

If not already done, I would add a lot of assert()s, and in particular
watch out for off-by-one errors.

Another tip is switching to strlcpy() & strlcat().
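As an added illustration of the last two tips (not code from this thread or from any poster), here is a portable strlcpy()/strlcat() pair with the usual BSD return-value convention, used by a hypothetical caller that checks the return values to detect truncation rather than overrunning the buffer; the sample inputs are constructed.

```c
#include <assert.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Bounded copy: always NUL-terminates when dstsize > 0 and returns
 * strlen(src), so "return value >= dstsize" means the copy was truncated. */
size_t my_strlcpy(char *dst, const char *src, size_t dstsize)
{
    size_t srclen = strlen(src);
    if (dstsize > 0) {
        size_t n = srclen < dstsize - 1 ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Bounded append: returns the length the result would have had without
 * truncation, i.e. strlen(dst) + strlen(src). */
size_t my_strlcat(char *dst, const char *src, size_t dstsize)
{
    size_t dstlen = 0;
    while (dstlen < dstsize && dst[dstlen] != '\0')
        dstlen++;
    if (dstlen == dstsize)          /* dst not terminated within dstsize */
        return dstsize + strlen(src);
    return dstlen + my_strlcpy(dst + dstlen, src, dstsize - dstlen);
}

/* Hypothetical caller: builds "user@host" into a fixed buffer. Returns 1
 * when it fits, 0 when the result was truncated. With strcpy()/strcat()
 * the same inputs would silently overrun the buffer. */
int build_login(char *out, size_t outsize, const char *user, const char *host)
{
    assert(outsize > 0);            /* a zero-size buffer cannot hold the NUL */
    if (my_strlcpy(out, user, outsize) >= outsize) return 0;
    if (my_strlcat(out, "@", outsize) >= outsize) return 0;
    return my_strlcat(out, host, outsize) < outsize;
}

int main(void)
{
    char buf[16];   /* constructed sample: "alice@example.org" needs 18 bytes */
    int ok = build_login(buf, sizeof buf, "alice", "example.org");
    printf("%s: \"%s\"\n", ok ? "fits" : "truncated", buf);
    return 0;
}
```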
 

CBFalconer

Tor said:
Can you add the -pedantic and -ansi switches too?

The next step is to look into adding more static analysis via a lint
tool, e.g. 'splint', but that requires a lot of effort if you have
never used such a tool before.

Another useful tool is Electric Fence, which often core dumps at the
point of overflow.

However, a while back I read a report from a supercomputing
center where they had analyzed different memory tools; of these,
Valgrind was the best free tool, but was well behind the best
commercial tools.

If not already done, I would add a lot of assert()s, and in
particular watch out for off-by-one errors.

Another tip is switching to strlcpy() & strlcat().

Generally good advice. One slight addition I would recommend is
use of my nmalloc package, which includes comprehensive debugging
abilities. While written for DJGPP, it is quite general, and I
believe it can operate on any byte-addressed 32-bit system that has a
sbrk() call available and allows substitution of malloc packages.
It needs to be compiled with gcc. The package includes a manual.
When installed, just link it before the system library is searched.

The location also includes code for the (non-standard) strlcpy and
strlcat.

<http://cbfalconer.home.att.net/download/>
 
