Buffer Overflow Tool <May be OT>

Discussion in 'C Programming' started by Sheth Raxit, Sep 17, 2007.

  1. Sheth Raxit

    Sheth Raxit Guest

    Is there any Opensource/Free tool to detect all possible Overflow in
    the code. ?

    Situation :
    recently i came across some old code, <written by some careless
    programmer, not having 'useful' document>.

    What i am doing...<since last few days.>

    1. analyzing code flow using cflow and cscope.
    2. Removing All possible warnings <by gcc's Wall option.>
    3. Found some crashes in dynamic memory stuff, <trying to fix/catch more
    using Valgrind, <I am on Linux> >, a few crashes fixed using gdb.
    4. I suspect there are a few <or say more> array overrun kind of things
    in the code. The code is in C lang. only. Any way to detect possible
    array/buffer overflow? <any tool/library/compiler options etc>

    <please note : some of my friend has told use Java, it is not possible
    at this stage.>

    Would be great if can provide any realistic/practical suggestion,
    <Except review the whole code carefully, and manually detect.>

    -Raxit
     
    Sheth Raxit, Sep 17, 2007
    #1

  2. Sheth Raxit <> writes:

    > Is there any Opensource/Free tool to detect all possible Overflow in
    > the code. ?


    Yes it is off topic but there are enough clues to be pretty sure
    that suggesting you install the mudflap libraries and compile (and
    link) with these (see -fmudflap option) you will get something close
    to what you are looking for. For more on this (and opinions from
    wiser heads than mine) you must post to a platform specific group
    (maybe news:comp.unix.programming?)

    --
    Ben.
     
    Ben Bacarisse, Sep 17, 2007
    #2

  3. Ben Bacarisse wrote:
    > Sheth Raxit <> writes:
    >
    >> Is there any Opensource/Free tool to detect all possible Overflow in
    >> the code. ?

    >
    > Yes it is off topic but there are enough clues to be pretty sure
    > that suggesting you install the mudflap libraries and compile (and
    > link) with these (see -fmudflap option) you will get something close
    > to what you are looking for. For more on this (and opinions from
    > wiser heads than mine) you must post to a platform specific group
    > (maybe news:comp.unix.programming?)


    ITYM comp.unix.programmer

    --
    Philip Potter pgp <at> doc.ic.ac.uk
     
    Philip Potter, Sep 17, 2007
    #3
  4. user923005

    user923005 Guest

    On Sep 17, 2:27 am, Sheth Raxit <> wrote:
    > Is there any Opensource/Free tool to detect all possible Overflow in
    > the code. ?
    >
    > Situation :
    > recently i came across some old code, <written by some careless
    > programmer, not having 'useful' document>.
    >
    > What i am doing...<since last few days.>
    >
    > 1. analyzing code flow using cflow and cscope.
    > 2. Removing All possible warnings <by gcc's Wall option.>
    > 3.Found some crash on Dynamic memory stuff, <trying to Fix/Catch more
    > using Valgrind, <i am on linux> > , few crash fixed using gdb.


    Electric fence is also popular. There is a bounds checking GCC, but I
    have not tried it.

    > 4. I suspect there are few <or say more> Array Overrun kind of stuffs
    > in the code.the code is in C lang. only,Any way to detect possible
    > array/buffer overflow. <any tool/library/compiler options etc>


    I like this thing:
    http://duma.sourceforge.net/

    > <please note : some of my friend has told use Java, it is not possible
    > at this stage.>
    >
    > Would be great if can provide any realistic/practical suggestion,
    > <Except review the whole code carefully, and manually detect.>


    Note:
    There are not really any C questions here, but I could not think of a
    more appropriate group to forward to. No doubt there is one, but I
    don't know what it is.
     
    user923005, Sep 17, 2007
    #4
  5. Tor Rustad

    Tor Rustad Guest

    Sheth Raxit wrote:
    > Is there any Opensource/Free tool to detect all possible Overflow in
    > the code. ?
    >
    > Situation :
    > recently i came across some old code, <written by some careless
    > programmer, not having 'useful' document>.
    >
    > What i am doing...<since last few days.>
    >
    > 1. analyzing code flow using cflow and cscope.
    > 2. Removing All possible warnings <by gcc's Wall option.>


    Can you add the -pedantic and -ansi switch too?

    The next step is to look into adding more static analysis via a lint tool,
    e.g. 'splint', but that requires a lot of effort, if you have never used
    such a tool before.


    > 3.Found some crash on Dynamic memory stuff, <trying to Fix/Catch more
    > using Valgrind, <i am on linux> > , few crash fixed using gdb.


    Another useful tool is Electric Fence, which often core dumps at the point
    of overflow.

    However, a while back, I read a report from a super-computing center,
    where they had analyzed different memory tools, of these Valgrind was
    the best free tool, but was well behind the best commercial tools.


    > Would be great if can provide any realistic/practical suggestion,
    > <Except review the whole code carefully, and manually detect.>


    If not already done, I would add a lot of assert()'s, and in particular
    watch out for off-by-one errors.

    Another tip is switching to: strlcpy() & strlcat().

    --
    Tor <torust [at] online [dot] no>
     
    Tor Rustad, Sep 17, 2007
    #5
  6. CBFalconer

    CBFalconer Guest

    Tor Rustad wrote:
    > Sheth Raxit wrote:
    >
    >> Is there any Opensource/Free tool to detect all possible Overflow
    >> in the code. ?
    >>
    >> Situation :
    >> recently i came across some old code, <written by some careless
    >> programmer, not having 'useful' document>.
    >>
    >> What i am doing...<since last few days.>
    >>
    >> 1. analyzing code flow using cflow and cscope.
    >> 2. Removing All possible warnings <by gcc's Wall option.>

    >
    > Can you add the -pedantic and -ansi switch too?
    >
    > Next step, is to look into adding more static analysis via lint
    > tool, e.g. 'splint', but that require a lot of effort, if you have
    > never used such a tool before.
    >
    >> 3.Found some crash on Dynamic memory stuff, <trying to Fix/Catch
    >> more using Valgrind, <i am on linux> > , few crash fixed using gdb.

    >
    > Another, useful tool is Electric Fence, which often core dump at
    > point of overflow.
    >
    > However, a while back, I read a report from a super-computing
    > center, where they had analyzed different memory tools, of these
    > Valgrind was the best free tool, but was well behind the best
    > commercial tools.
    >
    >> Would be great if can provide any realistic/practical suggestion,
    >> <Except review the whole code carefully, and manually detect.>

    >
    > If not already done, I would add a lot of assert()'s, and in
    > particular watch out for off-by-one errors.
    >
    > Another tip is switching to: strlcpy() & strlcat().


    Generally good advice. One slight addition I would recommend is
    use of my nmalloc package, which includes comprehensive debugging
    abilities. While written for DJGPP, it is quite general, and I
    believe can operate on any byte addressed 32 bit system that has a
    sbrk() call available and allows substitution of malloc packages.
    It needs to be compiled with gcc. The package includes a manual.
    When installed, just link it before the system library is searched.

    The location also includes code for the (non-standard) strlcpy and
    strlcat.

    <http://cbfalconer.home.att.net/download/>

    --
    Chuck F (cbfalconer at maineline dot net)
    Available for consulting/temporary embedded and systems.
    <http://cbfalconer.home.att.net>



    --
    Posted via a free Usenet account from http://www.teranews.com
     
    CBFalconer, Sep 18, 2007
    #6
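
The advice in posts #5 and #6 (add assert()s, watch for off-by-one errors, use strlcpy()/strlcat()), as an added example that is not code from the thread or from any poster's package. `ex_strlcpy`, `ex_strlcat` and `join_path` are hypothetical names for local stand-ins that assume the BSD semantics, where a return value >= size means the result was truncated.

```c
#include <assert.h>
#include <stddef.h>
#include <string.h>

/* Stand-in with BSD strlcpy() semantics: copy at most size-1 bytes,
   always NUL-terminate when size > 0, return strlen(src). */
size_t ex_strlcpy(char *dst, const char *src, size_t size)
{
    size_t srclen;

    assert(dst != NULL && src != NULL);
    srclen = strlen(src);
    if (size > 0) {
        size_t n = (srclen < size) ? srclen : size - 1; /* keep room for '\0' */
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;                 /* >= size: the copy was truncated */
}

/* Stand-in with BSD strlcat() semantics: size is the FULL size of dst,
   not the space left. Returns the length the joined string needed. */
size_t ex_strlcat(char *dst, const char *src, size_t size)
{
    size_t dstlen, srclen;
    const char *end;

    assert(dst != NULL && src != NULL);
    end = memchr(dst, '\0', size);
    dstlen = end ? (size_t)(end - dst) : size; /* unterminated dst: append nothing */
    srclen = strlen(src);
    if (dstlen < size) {
        size_t room = size - dstlen - 1;       /* the classic off-by-one spot */
        size_t n = (srclen < room) ? srclen : room;
        memcpy(dst + dstlen, src, n);
        assert(dstlen + n < size);             /* terminator stays inside dst */
        dst[dstlen + n] = '\0';
    }
    return dstlen + srclen;
}

/* Join dir and file into out; 0 on success, -1 if the result did not fit. */
int join_path(char *out, size_t outsz, const char *dir, const char *file)
{
    if (ex_strlcpy(out, dir, outsz) >= outsz) return -1;
    if (ex_strlcat(out, "/", outsz) >= outsz) return -1;
    if (ex_strlcat(out, file, outsz) >= outsz) return -1;
    return 0;
}
```

Checking the return value is what turns a silent truncation into a detectable error; the buffer is never written past `outsz` either way.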