What is it
libparanoia is a library that wraps calls to insecure
functions with functions of the same names, semantics and functionality, with
only one difference from the originals: the new functions prevent stack
frame corruption. I need that functionality to prevent possible stack
overflows and return-into-libc attacks.
There is also a small script to add this
functionality to libc.
The functions considered insecure are:
- strcpy
- strcat
- gets
- sprintf
- scanf
but that list can be extended.
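
The idea of a copy wrapper that refuses to run into the saved frame data, as an added example that is not libparanoia's code. It models one x86 frame as a struct instead of inspecting the real stack; model_frame, room_before_guard, guarded_strcpy and guarded_strcat are hypothetical names, and returning NULL on refusal is a choice made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of one x86 frame: locals lie below the saved frame
 * pointer and return address, so an overlong copy runs upward into them. */
struct model_frame {
    char      locals[16];
    uintptr_t saved_fp;   /* stands in for the saved frame pointer */
    uintptr_t saved_ret;  /* stands in for the return address */
};

/* Hypothetical helper: bytes that may be written at dst before reaching the
 * frame's control data; SIZE_MAX if dst is not inside this frame's locals. */
static size_t room_before_guard(const struct model_frame *f, const char *dst)
{
    uintptr_t lo = (uintptr_t)f->locals;
    uintptr_t guard = (uintptr_t)&f->saved_fp;
    uintptr_t d = (uintptr_t)dst;
    return (d >= lo && d < guard) ? (size_t)(guard - d) : SIZE_MAX;
}

/* strcpy semantics, except that a copy which would reach saved_fp or
 * saved_ret is refused (NULL) and nothing is written. */
char *guarded_strcpy(const struct model_frame *f, char *dst, const char *src)
{
    size_t need = strlen(src) + 1;   /* the terminating NUL counts too */
    if (need > room_before_guard(f, dst))
        return NULL;
    memcpy(dst, src, need);
    return dst;
}

/* strcat semantics: the same check, measured from the current end of dst. */
char *guarded_strcat(const struct model_frame *f, char *dst, const char *src)
{
    char *end = dst + strlen(dst);
    return guarded_strcpy(f, end, src) ? dst : NULL;
}

int main(void)
{
    struct model_frame f = { "", 0x1111, 0x2222 };
    printf("short: %s\n", guarded_strcpy(&f, f.locals, "hello") ? "ok" : "refused");
    printf("long:  %s\n", guarded_strcpy(&f, f.locals, "AAAAAAAAAAAAAAAAAAAAAAAA") ? "ok" : "refused");
    return 0;
}
```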
Installation:
Get the tarball with the sources (see the
Availability section).
If you need just the standalone library (called libparanoia), you
need just to type make ; make install
If you want to add this functionality to libc,
you can use ./copy-to-libc
to copy the patched
files to the libc sources (I did not create patches for all
libc versions; this script is smart enough to work with about any
FreeBSD libc (tested 2.1.0-2.2.8, 3.0)). You can configure
some functionality by editing this script. After that, follow
the script's instructions.
Compatibility:
Written for FreeBSD,
but can easily be ported to any x86 Unix (it depends on x86 stack
organisation and assembler). Porting to non-x86 platforms may not be so
trivial.
Availability:
Available from
ftp://ftp.lexa.ru/pub/domestic/snar/ under a BSD-style license.
Thanks:
Oleg Panaschenko for the original idea.
Author:
Alexandre Snarskii <snar@paranoia.ru>