Attachment #49140 for bug #66553




 * Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
 * Robert Connolly - <robert[@]linuxfromscratch.org>
 * Cory Visi <cory@visi.name>
 * Malte S. Stretz <mss[@]msquadrat.de>
 *
 */


  {
    int fd;
#ifdef HAVE_DEV_ERANDOM
    if ((fd = __open ("/dev/erandom", O_RDONLY)) == (-1))
#endif
      fd = __open ("/dev/urandom", O_RDONLY);
    if (fd != (-1))
      {
	size = __libc_read (fd, (char *) &__guard, sizeof (__guard));
	__close (fd);
	if (size == sizeof (__guard))
	  return;
      }

     * terminator canary */
    struct timeval tv;

    __gettimeofday (&tv, NULL);
    __guard ^= tv.tv_usec ^ tv.tv_sec;
  }
}

  sigfillset (&mask);

  sigdelset (&mask, SSP_SIGTYPE);	/* Block all signal handlers */
  __sigprocmask (SIG_BLOCK, &mask, NULL);	/* except SIGABRT */

  bufsz = sizeof (buf);
  strcpy (buf, "<2>");

  write (STDERR_FILENO, buf + 3, len - 3);
  write (STDERR_FILENO, "()\n", 3);
#ifndef __dietlibc__
  /* FIXME: __socket() is just a stub, should this call be replaced? */
  if ((log = socket (AF_UNIX, SOCK_DGRAM, 0)) != -1)
    {
      /* Send "found" message to the "/dev/log" path */
      sock.sun_family = AF_UNIX;
      (void) strncpy (sock.sun_path, _PATH_LOG, sizeof (sock.sun_path) - 1);
      sock.sun_path[sizeof (sock.sun_path) - 1] = '\0';
      __sendto (log, buf, len, 0, (struct sockaddr *) &sock, sizeof (sock));
    }
#endif
  /* Make sure the default handler is associated with the our signal handler */

  sigfillset (&sa.sa_mask);	/* Block all signals */
  sa.sa_flags = 0;
  sa.sa_handler = SIG_DFL;
  __sigaction (SSP_SIGTYPE, &sa, NULL);
  /* FIXME: __kill() is just a stub, should this call be replaced? */
  (void) kill (getpid (), SSP_SIGTYPE);
  _exit (127);
}

Return to bug 66553

Lines 13-18 Link Here

(-)glibc-2.3.3/sysdeps/unix/sysv/linux/ssp.c.orig (-8 / +11 lines)
13	* Yoann Vandoorselaere - <yoann[@]prelude-ids.org>	13	* Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
14	* Robert Connolly - <robert[@]linuxfromscratch.org>	14	* Robert Connolly - <robert[@]linuxfromscratch.org>
15	* Cory Visi <cory@visi.name>	15	* Cory Visi <cory@visi.name>
		16	* Malte S. Stretz <mss[@]msquadrat.de>
16	*	17	*
17	*/	18	*/
18		19
Lines 76-88 __guard_setup (void) Link Here
76	{	77	{
77	int fd;	78	int fd;
78	#ifdef HAVE_DEV_ERANDOM	79	#ifdef HAVE_DEV_ERANDOM
79	if ((fd = open ("/dev/erandom", O_RDONLY)) == (-1))	80	if ((fd = __open ("/dev/erandom", O_RDONLY)) == (-1))
80	#endif	81	#endif
81	fd = open ("/dev/urandom", O_RDONLY);	82	fd = __open ("/dev/urandom", O_RDONLY);
82	if (fd != (-1))	83	if (fd != (-1))
83	{	84	{
84	size = read (fd, (char *) &__guard, sizeof (__guard));	85	size = __libc_read (fd, (char *) &__guard, sizeof (__guard));
85	close (fd);	86	__close (fd);
86	if (size == sizeof (__guard))	87	if (size == sizeof (__guard))
87	return;	88	return;
88	}	89	}
Lines 97-103 __guard_setup (void) Link Here
97	* terminator canary */	98	* terminator canary */
98	struct timeval tv;	99	struct timeval tv;
99		100
100	gettimeofday (&tv, NULL);	101	__gettimeofday (&tv, NULL);
101	__guard ^= tv.tv_usec ^ tv.tv_sec;	102	__guard ^= tv.tv_usec ^ tv.tv_sec;
102	}	103	}
103	}	104	}
Lines 121-127 __stack_smash_handler (char func[], int Link Here
121	sigfillset (&mask);	122	sigfillset (&mask);
122		123
123	sigdelset (&mask, SSP_SIGTYPE); /* Block all signal handlers */	124	sigdelset (&mask, SSP_SIGTYPE); /* Block all signal handlers */
124	sigprocmask (SIG_BLOCK, &mask, NULL); /* except SIGABRT */	125	__sigprocmask (SIG_BLOCK, &mask, NULL); /* except SIGABRT */
125		126
126	bufsz = sizeof (buf);	127	bufsz = sizeof (buf);
127	strcpy (buf, "<2>");	128	strcpy (buf, "<2>");
Lines 145-157 __stack_smash_handler (char func[], int Link Here
145	write (STDERR_FILENO, buf + 3, len - 3);	146	write (STDERR_FILENO, buf + 3, len - 3);
146	write (STDERR_FILENO, "()\n", 3);	147	write (STDERR_FILENO, "()\n", 3);
147	#ifndef __dietlibc__	148	#ifndef __dietlibc__
		149	/* FIXME: __socket() is just a stub, should this call be replaced? */
148	if ((log = socket (AF_UNIX, SOCK_DGRAM, 0)) != -1)	150	if ((log = socket (AF_UNIX, SOCK_DGRAM, 0)) != -1)
149	{	151	{
150	/* Send "found" message to the "/dev/log" path */	152	/* Send "found" message to the "/dev/log" path */
151	sock.sun_family = AF_UNIX;	153	sock.sun_family = AF_UNIX;
152	(void) strncpy (sock.sun_path, _PATH_LOG, sizeof (sock.sun_path) - 1);	154	(void) strncpy (sock.sun_path, _PATH_LOG, sizeof (sock.sun_path) - 1);
153	sock.sun_path[sizeof (sock.sun_path) - 1] = '\0';	155	sock.sun_path[sizeof (sock.sun_path) - 1] = '\0';
154	sendto (log, buf, len, 0, (struct sockaddr *) &sock, sizeof (sock));	156	__sendto (log, buf, len, 0, (struct sockaddr *) &sock, sizeof (sock));
155	}	157	}
156	#endif	158	#endif
157	/* Make sure the default handler is associated with the our signal handler */	159	/* Make sure the default handler is associated with the our signal handler */
Lines 160-166 __stack_smash_handler (char func[], int Link Here
160	sigfillset (&sa.sa_mask); /* Block all signals */	162	sigfillset (&sa.sa_mask); /* Block all signals */
161	sa.sa_flags = 0;	163	sa.sa_flags = 0;
162	sa.sa_handler = SIG_DFL;	164	sa.sa_handler = SIG_DFL;
163	sigaction (SSP_SIGTYPE, &sa, NULL);	165	__sigaction (SSP_SIGTYPE, &sa, NULL);
		166	/* FIXME: __kill() is just a stub, should this call be replaced? */
164	(void) kill (getpid (), SSP_SIGTYPE);	167	(void) kill (getpid (), SSP_SIGTYPE);
165	_exit (127);	168	_exit (127);
166	}	169	}