Diffstat (limited to 'schulung_tools/mtrace')
| -rw-r--r-- | schulung_tools/mtrace/Makefile | 7 | ||||
| -rw-r--r-- | schulung_tools/mtrace/README | 19 | ||||
| -rw-r--r-- | schulung_tools/mtrace/leak.c | 15 | ||||
| -rw-r--r-- | schulung_tools/mtrace/mtrace.patch | 25 |
4 files changed, 66 insertions, 0 deletions
diff --git a/schulung_tools/mtrace/Makefile b/schulung_tools/mtrace/Makefile
new file mode 100644
index 0000000..224a9fa
--- /dev/null
+++ b/schulung_tools/mtrace/Makefile
@@ -0,0 +1,7 @@
+leak: leak.c
+ gcc -g -O0 -o$@ $<
+
+clean:
+ rm -f leak
+
+.PHONY: clean
diff --git a/schulung_tools/mtrace/README b/schulung_tools/mtrace/README
new file mode 100644
index 0000000..0c61b6d
--- /dev/null
+++ b/schulung_tools/mtrace/README
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# copy original mtrace (perl script)
+cp /usr/bin/mtrace .
+
+# patch it to support new ASLR semantics
+patch -p1 < mtrace.patch
+
+# disable randomization
+setarch `uname -m` -R /bin/bash
+
+# build leaking test program
+make
+
+# run test program and record leaks
+MALLOC_TRACE=./leak.trace ./leak
+
+# view found
+./mtrace ./leak ./leak.trace
diff --git a/schulung_tools/mtrace/leak.c b/schulung_tools/mtrace/leak.c
new file mode 100644
index 0000000..45ec7b1
--- /dev/null
+++ b/schulung_tools/mtrace/leak.c
@@ -0,0 +1,15 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <mcheck.h>
+
+void a(void)
+{
+ malloc(1024);
+}
+
+int main(void)
+{
+ mtrace();
+ a();
+ return 0;
+}
diff --git a/schulung_tools/mtrace/mtrace.patch b/schulung_tools/mtrace/mtrace.patch
new file mode 100644
index 0000000..874388c
--- /dev/null
+++ b/schulung_tools/mtrace/mtrace.patch
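Review bot: The `setarch … -R /bin/bash` line in the README hunk starts an interactive shell, so when this file is executed as a script (it carries a `#!/bin/sh` shebang) execution stops there until that shell exits, and `make`, the traced `./leak` run and the `./mtrace` call then run in the outer shell with ASLR still enabled, which is the very condition the patch works around. If the file is meant to be executed rather than followed step by step, running the remaining commands inside the non-randomized shell avoids that: `setarch "$(uname -m)" -R sh -c 'make && MALLOC_TRACE=./leak.trace ./leak && ./mtrace ./leak ./leak.trace'`. If instead it is a typed-along recipe, a comment such as `# type the commands below inside the shell started by setarch` would make that intent explicit, and dropping the shebang would stop it looking executable. `patch -p1` against the `--- a/mtrace` header resolves to `./mtrace`, which matches the preceding `cp`, so that part looks consistent.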
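Review bot: The `malloc(1024);` in `a()` of the leak.c hunk discards its result, which is presumably the leak this training program exists to produce, but nothing in the file says so and a reader or a warning-enabled compiler will take it for an accidental bug; a comment on that line, `malloc(1024); /* intentionally never freed: the leak mtrace should report */`, records the purpose. The `#include <stdio.h>` is not used by any visible line and could be dropped, leaving `<stdlib.h>` for `malloc` and `<mcheck.h>` for `mtrace`.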
@@ -0,0 +1,25 @@
+Patch mtrace to deal with new ASLR issues.
+--- a/mtrace 2017-06-15 20:17:14.000000000 +0100
++++ b/mtrace 2017-12-13 12:09:31.584089486 +0000
+@@ -75,10 +75,10 @@ if ($#ARGV == 0) {
+ } else {
+ $prog = "./$binary";
+ }
+- if (open (LOCS, "env LD_TRACE_LOADED_OBJECTS=1 $prog |")) {
++ if (open (LOCS, "env LD_TRACE_PRELINKING=1 $prog |")) {
+ while (<LOCS>) {
+ chop;
+- if (/^.*=> (.*) .(0x[0123456789abcdef]*).$/) {
++ if (/^.*=> (.*) .(0x[0123456789abcdef]*),.*/) {
+ $locs{$1} = $2;
+ }
+ }
+@@ -111,7 +111,7 @@ sub location {
+ my $searchaddr;
+ return $cache{$addr} if (exists $cache{$addr});
+ if ($locs{$prog} ne "") {
+- $searchaddr = sprintf "%#x", $addr - $locs{$prog};
++ $searchaddr = sprintf "%#x", hex($addr) - hex($locs{$prog});
+ } else {
+ $searchaddr = $addr;
+ $prog = $binary; |
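Review bot: The replacement line `++ if (open (LOCS, "env LD_TRACE_PRELINKING=1 $prog |")) {` keeps the two-argument pipe open that hands `$prog` to a shell, so a program path containing shell metacharacters is interpreted rather than executed literally; the line it replaces had the same shape, but since the patch rewrites exactly this line it is the natural place to move to the list form, `if (open (LOCS, '-|', 'env', 'LD_TRACE_PRELINKING=1', $prog)) {`, which execs the program without a shell. Whether the loader's LD_TRACE_PRELINKING output matches the new pattern `(0x[0123456789abcdef]*),.*` presumably depends on the glibc version; the inner header records a mtrace dated 2017, so the patch description could name the glibc it was verified against. The `hex($addr) - hex($locs{$prog})` change in `location` assumes both values arrive as `0x…` strings; `hex` applied to a value that is already decimal would silently reinterpret its digits, so a one-line comment stating that assumption next to the call would help the next maintainer. Both patched regions of mtrace, the top-level `if ($#ARGV == 0)` block and `sub location`, begin and end outside the hunk.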
