Apologies if this attaches itself to my previous post, and for any typos!
Well the story so far:
This is working code and compiles on gcc versions 2.95.3, 4.2.1 and 7.3.0, AMIGA OS 3.0.x inside ADE, OSX 10.14.3 and Linux Mint 19.
I have called it 'obfuscate_asm.c'.
Although jumping INTO main() compiles BUT causes a segmentation fault, jumping OUT of it doesn't.
Just read the code and see the possibilities. Makes me wonder if this is done by commercial coders.
Results; OSX 10.14.3, default bash terminal, gcc 4.2.1.
As you can see by checking the 32 bit jumps, in this case e9 xx xx xx xx, you can obfuscate your code by jumping all over the place to unused functions that actually would do something if called; obfuscate() would actually divide two numbers.
So IMHO gcc is not absolutely foolproof.
I have always quoted, even on here, "IF there is a back door I will find it!"
When I am really interested in finding something I will do my best to find it.
How do you compile? Try gcc -Wall -ansi mycode.c -o mycode
I'm guessing, completely. You have to read your manpage for gcc, look for the options for your hardware, e.g., SPARC.
Compile with the strictest settings you can find. This will eliminate some of the problems you see: gcc compiling stuff that should fail.
Try to use -std=c99 if your compiler supports it, for example. Since you run on OSX and Amiga (I think), I have to punt on what the exact command should be.
PS: a good clean compile means zero warnings/errors
Ah, now you're starting to jump between functions with different amounts of local variables. Meaning these local variables may not actually be allocated properly when you use them or freed properly when you return, causing corruption on the stack (i.e. important pointer values on the stack overwritten with your local variables since stack space was never made for them), causing potential crashes on return when RET jumps into lala land. This is not recommended.
Also, main() is somewhat special, to the point newer compilers have stopped letting you take the address of it.
Further, doing things you didn't ask the compiler to do is begging for trouble. The compiler loves to remove things you "don't use", to the point that if you never touch a variable in your program, it might optimize it away completely and use hardcoded values instead. You have to make these variables 'volatile' to force the compiler to not do anything smart and helpful for you.
Because argv[0] actually exists, even in a program with no arguments - it's the name of the calling program. Again, why should it segfault? What exact fault should it be catching here? Segmentation fault means "touched memory I don't have permission to use", and if you don't do that, you don't get a segfault, even if you leap around like a flea on a hot griddle.
IMO gcc should check for any assembly jumps outside the bounds of any individual function, irrespective of how one compiles it. Just because the first code uses two near identical functions is irrelevant; the 'asm()' function is taking functions out of their boundaries.
And, I don't intend, ever, to use this bad coding method at all. It was an exercise in finding out as I was researching about 'goto' inside a function.
--- Post updated at 03:56 PM ---
Quote:
Originally Posted by jim mcnamara
How do you compile? Try gcc -Wall -ansi mycode.c -o mycode
I'm guessing, completely. You have to read your manpage for gcc, look for the options for your hardware, e.g., SPARC.
Compile with the strictest settings you can find. This will eliminate some of the problems you see: gcc compiling stuff that should fail.
Try to use -std=c99 if your compiler supports it, for example. Since you run on OSX and Amiga (I think), I have to punt on what the exact command should be.
PS: a good clean compile means zero warnings/errors
Hi Jim...
Absolutely.
However I shouldn't have to type all that just to find out, gcc filename.c should be sufficient.
It should have been __asm__ volatile() but I used the generic 'asm()' as it seems 'universal' even on my AMIGA C compilers.
Thanks for your help...
EDIT:
I didn't add this as an edit, it did so itself.
Last edited by wisecracker; 03-28-2019 at 01:00 PM..
Reason: See EDIT:
Apologies if this attaches to the previous post.
As a finale to this thread I decided to compile using the correct 'asm()' function __asm__ volatile() .
Results, OSX 10.14.3, default bash terminal, gcc 4.2.1.
The results are similar for AMIGA OS 3.0.x gcc 2.95.3 and Linux Mint 19 gcc 7.3.0.
Voila! No error but the jumps are still there.
IMO gcc should check for any assembly jumps outside the bounds of any individual function, irrespective of how one compiles it.
It's necessary sometimes, if you're building an operating system for example, to insert special instructions here and there without the compiler's interference. That's the kind of thing asm() is for. gcc will insert raw assembly if you ask, but you really have to know what you're doing since it can't protect you (though some more advanced syntax lets you warn gcc about side-effects instead). Plain, non-ASM goto (yes, it exists, very rarely used) wouldn't let you jump out of bounds.
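The bounds check discussed in this thread can be run on the compiled output instead of in the compiler. The following is an added example, not code from any poster here: it decodes an `e9 xx xx xx xx` (jmp rel32) instruction and reports whether its target lies outside the function that contains the jump. The function table, addresses and byte sequences are constructed sample data, and 32-bit addresses are assumed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* One function's extent, as a symbol table would report it. */
struct func { const char *name; uint32_t start, size; };

/* Constructed sample layout and jumps (not taken from the thread's binary). */
static const struct func FUNCS[] = { {"obfuscate", 0x1000, 0x20}, {"main", 0x1020, 0x40} };
static const uint8_t JMP_OUT[] = {0xE9, 0xCB, 0xFF, 0xFF, 0xFF}; /* at 0x1030, rel -53 */
static const uint8_t JMP_IN[]  = {0xE9, 0x0B, 0x00, 0x00, 0x00}; /* at 0x1030, rel +11 */

/* Decode x86 "jmp rel32": opcode e9 plus a little-endian signed displacement
 * measured from the address of the NEXT instruction (insn_addr + 5).
 * Returns 0 and stores the target, or -1 if this is not a complete e9 jump. */
int jmp_rel32_target(const uint8_t *insn, size_t len, uint32_t insn_addr, uint32_t *target)
{
    if (len < 5 || insn[0] != 0xE9) return -1;
    uint32_t rel = (uint32_t)insn[1] | (uint32_t)insn[2] << 8 |
                   (uint32_t)insn[3] << 16 | (uint32_t)insn[4] << 24;
    *target = insn_addr + 5u + rel;   /* unsigned wraparound covers negative rel */
    return 0;
}

/* Function whose [start, start+size) range contains addr, or NULL. */
const struct func *owner(const struct func *tab, size_t n, uint32_t addr)
{
    for (size_t i = 0; i < n; i++)
        if (addr - tab[i].start < tab[i].size) return &tab[i];
    return NULL;
}

/* 1: jump leaves its own function; 0: stays inside; -1: not an e9 jump,
 * or the jump itself is not inside any known function. */
int jump_escapes(const struct func *tab, size_t n,
                 const uint8_t *insn, size_t len, uint32_t insn_addr)
{
    uint32_t target;
    const struct func *from = owner(tab, n, insn_addr);
    if (from == NULL || jmp_rel32_target(insn, len, insn_addr, &target) != 0) return -1;
    return owner(tab, n, target) != from;
}

int main(void)
{
    printf("jump to obfuscate(): %d\n", jump_escapes(FUNCS, 2, JMP_OUT, 5, 0x1030));
    printf("jump within main():  %d\n", jump_escapes(FUNCS, 2, JMP_IN, 5, 0x1030));
    return 0;
}
```

On a real binary the instruction boundaries and function ranges would come from a disassembler and the symbol table; scanning raw bytes for 0xE9 alone gives false positives.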