Subject: Re: Coredump on return debugging question
To: None <netbsd-users@netbsd.org>
From: Christian Biere <christianbiere@gmx.de>
List: netbsd-users
Date: 05/16/2003 22:16:15

Christoph Kaegi <kgc@zhwin.ch> wrote:

> I checked everything that handles a char (it's only a small function) 
> but everything seems to be correct.
> 
> Can I look at the return address somehow with gdb while
> singlestepping?

There's the package lang/gcc-ssp which adds code to detect an
overwrite of the return address. You can also do that manually
and use a watchpoint in gdb:

#include <assert.h>

#define FUNNY_VALUE 0x5a5a5a5a	/* any constant unlikely to appear in input */

void blah(...) {
	int protector = FUNNY_VALUE;

	/* further variables and code */

	assert(FUNNY_VALUE == protector);
}

You can now use "protector == FUNNY_VALUE" as a watchpoint, which
allows you to find the exact piece of code and the current values of all
variables that cause the stack smashing. gcc has a special feature,
__builtin_return_address(int frame), which you can exploit for similar
checks.

Christian
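
Added example, not part of the mail above and not from lang/gcc-ssp: a self-contained C program that shows the two checks Christian describes, the "protector" canary placed right after a buffer and the __builtin_return_address comparison. The struct, the canary value 0xA5C3E17F, the function names and the constructed 'A'-filled inputs are this example's own choices; the frame is modelled as an explicit struct (buffer first, canary second) rather than relying on where the compiler happens to put real locals, so the result is reproducible and the copy never leaves the object.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FUNNY_VALUE 0xA5C3E17Fu   /* canary value chosen for this example */
#define BUF_SIZE    16

/* A model of the frame the mail describes: a buffer that some function
 * fills from input, directly followed by the "protector" canary. On a
 * real stack the saved return address sits after the canary, which is
 * why an intact canary implies an intact return address (the layout
 * gcc-ssp arranges). */
struct frame {
    char     buf[BUF_SIZE];
    uint32_t protector;
};
_Static_assert(offsetof(struct frame, buf) == 0, "buffer must come first");

/* Fill the frame's buffer with 'len' bytes of input, without the length
 * check a correct function would have, then perform the same test as
 * assert(FUNNY_VALUE == protector) in the mail. Returns 1 if the canary
 * survived, 0 if it was overwritten. The copy is clamped to the frame
 * object so the demonstration itself stays in bounds. */
int copy_and_check(const unsigned char *input, size_t len)
{
    struct frame f;

    f.protector = FUNNY_VALUE;
    if (len > sizeof f)
        len = sizeof f;
    memcpy(&f, input, len);     /* buf is at offset 0, so bytes land in buf first */

    return f.protector == FUNNY_VALUE;
}

/* The __builtin_return_address idea from the mail: record the real return
 * address on entry and confirm it is unchanged just before returning.
 * noinline keeps "frame 0" meaning this function's own frame. */
__attribute__((noinline)) int ret_addr_intact(void)
{
    void *entry = __builtin_return_address(0);
    volatile char scratch[8];

    memset((char *)scratch, 0, sizeof scratch);   /* ordinary in-bounds work */
    return __builtin_return_address(0) == entry;
}

/* Constructed inputs: one that fits the buffer, one four bytes too long. */
int demo_fits(void)
{
    unsigned char in[BUF_SIZE];
    memset(in, 'A', sizeof in);
    return copy_and_check(in, sizeof in);   /* 1: canary intact */
}

int demo_overflows(void)
{
    unsigned char in[BUF_SIZE + 4];
    memset(in, 'A', sizeof in);
    return copy_and_check(in, sizeof in);   /* 0: canary overwritten */
}

int main(void)
{
    printf("in-bounds copy, canary intact:  %d\n", demo_fits());
    printf("oversized copy, canary intact:  %d\n", demo_overflows());
    printf("return address unchanged:       %d\n", ret_addr_intact());
    return 0;
}
```

To locate the offending write in gdb, break at the start of copy_and_check and then set "watch f.protector" (or the mail's form, "watch f.protector == FUNNY_VALUE", which stops when the comparison flips from 1 to 0); gdb halts at the instruction that changes the value, with all locals still in scope. Two caveats apply to the manual version in real code: the compiler is free to order locals as it likes, so a hand-placed protector is not guaranteed to sit between the buffer and the return address the way gcc-ssp's canary is, and assert() disappears when NDEBUG is defined, so a release build keeps no check at all.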
