2

My need is to dynamically analyse a c program for its buffer overflow condition. I'm doing my code in python. For this I need to run the c program through python which is done by subprocess module in python. I found it from the link given below subproces

Now i need to insert inaccessible page after each allocated buffer, so that when the buffer is overflowed it will throw an error. How to insert an inaccessible page like that. Can anyone help me? Im doing in windows 8.1 and python 2.7

thanks in advance

Community
  • 1
  • 1
Monica
  • 29
  • 2
  • In general, a good way to do this is to replace `malloc()`. Using Python doesn't make it much easier (IMO it seems harder). Refer to the design of Electric Fence, e.g. It's an extremely simple dynamic checker that implements allocation guard pages similar to what you describe. Note that it probably only impacts heap allocations, which probably won't allow attackers to overwrite return addrs, etc. – Brian Cain Dec 19 '14 at 19:05
  • If you need more help you're going to need to share details (the code!) for what you're doing right now. It's not clear how running the executable via `subprocess` provides any dynamic instrumentation capabilities. Are you using `linux`? `ptrace`? Windows? `mmap()`? – Brian Cain Dec 19 '14 at 19:07
  • It also sounds like you are trying to prove categorically that the c-code contains no bugs (or even one particular type of bug) - the only way to prove with 100% certainty is to recreate every possible input, and every possible code execution path - assuming that the C program is reasonably complex - that sounds like the Halting problem to me. – Tony Suffolk 66 Dec 19 '14 at 19:50
  • @BrianCain I'm in need to detect vulnerable code that may lead to buffer overflow by dynamic analysis. I have to do it in python. Are you talking about DUMA in electric fence? I'll refer to it. I'm doing in windows only. If u have any other easy way to do it(detection of buffer overflow in c code) using python could you please help? – Monica Dec 20 '14 at 13:28

0 Answers0