Checking for Stack Overflow at Runtime #Programming #Debugging @McuOnEclipse

MCU on Eclipse

on MCU on Eclipse writes about using stack canaries with the GCC compiler to check for stack overflow at runtime.

Stack overflows are probably the number 1 enemy of embedded applications: a call to a a printf() monster likely will use too much stack space, resulting in overwritten memory and crashing applications. But stack memory is limited and expensive on these devices, so you don’t want to spend too much space for it. But for sure not to little too. Or bad things will happen.

The problem is that application call stack (function calls, pushing parameters and using local variables) is growing into one direction. If the reserved stack space is not large enough, the call stack space can grow into the other memory area and corrupt data.

The article lists different ways to deal with this:

  • Static Analysis. Making a good analysis how much stack is needed. Recursion can be a problem.
  • Using MPU (Hardware Memory Protection) to detect and protect the overflow
  • Using hardware watchpoints to detect the overwrite
  • Place sentinel values at the end of the stack space which are periodically checked

The last option is what can be turned on in FreeRTOS.

Security

There is another problem especially when considering security: arbitrary code execution causing a stack overflow/corruption with the goal to take control over the system. These are called ‘stack overflow exploits’. See http://phrack.org/issues/49/14.html for a good tutorial on this concept (and if you want to get into the hacking business  ).

To counter these exploits, compilers including the gcc started to add ‘hardening’ options to detect these exploits. One of it is the GNU gcc StackGuard (see ftp://gcc.gnu.org/pub/gcc/summit/2003/Stackguard.pdf). In that approach, the compiler is placing a ‘canary’ guard into each instrumented function stack frame.

The gcc compiler provides a set of options to use canaries (see https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html).

-fstack-protector: Emit extra code to check for buffer overflows, such as stack smashing attacks. This is done by adding a guard variable to functions with vulnerable objects. This includes functions that call alloca, and functions with buffers larger than 8 bytes. The guards are initialized when a function is entered and then checked when the function exits. If a guard check fails, an error message is printed and the program exits.

-fstack-protector-all: Like -fstack-protector except that all functions are protected.

See the article on how things are implemented.

__stack_chk_guard


8-6-2021 (August 6, 2021) is the Snakiest day of the year and it’s also this year’s CircuitPython Day! The day highlights all things CircuitPython and Python on Hardware. See you there!

Stop breadboarding and soldering – start making immediately! Adafruit’s Circuit Playground is jam-packed with LEDs, sensors, buttons, alligator clip pads and more. Build projects with Circuit Playground in a few minutes with the drag-and-drop MakeCode programming site, learn computer science using the CS Discoveries class on code.org, jump into CircuitPython to learn Python and hardware together, TinyGO, or even use the Arduino IDE. Circuit Playground Express is the newest and best Circuit Playground board, with support for CircuitPython, MakeCode, and Arduino. It has a powerful processor, 10 NeoPixels, mini speaker, InfraRed receive and transmit, two buttons, a switch, 14 alligator clip pads, and lots of sensors: capacitive touch, IR proximity, temperature, light, motion and sound. A whole wide world of electronics and coding is waiting for you, and it fits in the palm of your hand.

Join 30,000+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7pm ET! To join, head over to YouTube and check out the show’s live chat – we’ll post the link there.

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Follow Adafruit on Instagram for top secret new products, behinds the scenes and more https://www.instagram.com/adafruit/

CircuitPython – The easiest way to program microcontrollers – CircuitPython.org


Maker Business — Over 500,000 manufacturing jobs are going unfilled

Wearables — Wings that shine

Electronics — Get the scoop on crystal capacitors

Python for Microcontrollers — Python on Microcontrollers Newsletter: WipperSnapper beta, 30k Discord Users and more! #Python #Adafruit #CircuitPython @micropython @ThePSF

Adafruit IoT Monthly — Smart Agriculture, an E-Ink Newspaper, and more!

Microsoft MakeCode — MakeCode for the micro:bit - 2021 Release!

EYE on NPI — Maxim’s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey

New Products – Adafruit Industries – Makers, hackers, artists, designers and engineers! — New Prods 7/22/21 feat. Etched Glow-Through Keycap w/ Open Source Hardware Gear Logo – MX Switches! @adafruit #adafruit #newproducts

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !



No Comments

No comments yet.

Sorry, the comment form is closed at this time.