authorElliott Hughes <enh@google.com>2013-02-14 16:21:04 -0800
committerAndroid Git Automerger <android-git-automerger@android.com>2013-02-14 16:21:04 -0800
commit3b7c584fe90a5ea1d14d3e45c4c117d7ce46d39b (patch)
treeb1eabd79ee0add5f3509ae69a906624641929b8b
parent4869a68d56aaf3fefd2c1022bdab8571077e063c (diff)
parent910b7a8b88b29ee16c6014630b450dda56c5d578 (diff)
am 910b7a8b: am 17361134: Merge "Add a "smash-stack" option to crasher."
# Via Android Git Automerger (1) and others * commit '910b7a8b88b29ee16c6014630b450dda56c5d578': Add a "smash-stack" option to crasher.
-rw-r--r--debuggerd/Android.mk1
-rw-r--r--debuggerd/crasher.c13
2 files changed, 14 insertions, 0 deletions
diff --git a/debuggerd/Android.mk b/debuggerd/Android.mk
index e48b9af..3fca64f 100644
--- a/debuggerd/Android.mk
+++ b/debuggerd/Android.mk
@@ -37,6 +37,7 @@ LOCAL_SRC_FILES += $(TARGET_ARCH)/crashglue.S
LOCAL_MODULE := crasher
LOCAL_MODULE_PATH := $(TARGET_OUT_OPTIONAL_EXECUTABLES)
LOCAL_MODULE_TAGS := optional
+LOCAL_CFLAGS += -fstack-protector-all
#LOCAL_FORCE_STATIC_EXECUTABLE := true
LOCAL_SHARED_LIBRARIES := libcutils libc
include $(BUILD_EXECUTABLE)
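Review bot: The added `LOCAL_CFLAGS += -fstack-protector-all` carries no comment saying why the crasher module needs it, so a later cleanup could drop it and quietly turn the new smash-stack action into a plain memory scribble that never trips the guard. The flag also applies to every source file in the module, so the other crash actions are now built with canaries too, which may change the frames they produce in tombstones. I would add a line above it such as `# smash-stack in crasher.c relies on stack canaries being emitted.` so the dependency is visible from the build file.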
diff --git a/debuggerd/crasher.c b/debuggerd/crasher.c
index 74eaa49..134fe80 100644
--- a/debuggerd/crasher.c
+++ b/debuggerd/crasher.c
@@ -35,6 +35,18 @@ static void debuggerd_connect()
}
}
+int smash_stack(int i) {
+ printf("crasher: deliberately corrupting stack...\n");
+ // Unless there's a "big enough" buffer on the stack, gcc
+ // doesn't bother inserting checks.
+ char buf[8];
+ // If we don't write something relatively unpredicatable
+ // into the buffer and then do something with it, gcc
+ // optimizes everything away and just returns a constant.
+ *(int*)(&buf[7]) = (uintptr_t) &buf[0];
+ return *(int*)(&buf[0]);
+}
+
void test_call1()
{
*((int*) 32) = 1;
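Review bot: The store `*(int*)(&buf[7]) = (uintptr_t) &buf[0];` in smash_stack goes only three bytes past the end of `buf` and is an unaligned int access. Whether it reaches the stack guard, lands in padding, or faults on alignment first depends on the target and the frame layout, so the action may not reliably produce the stack-protector abort it is meant to exercise. Writing byte by byte through a `volatile char *` to a fixed distance beyond `sizeof(buf)` would not depend on alignment and would also avoid narrowing `uintptr_t` to `int`. The comment about gcc needing a "big enough" buffer looks out of step with `-fstack-protector-all` in Android.mk, which as far as I know instruments every function regardless of buffer size. The parameter `i` is never read, and "unpredicatable" in the second comment should read "unpredictable".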
@@ -95,6 +107,7 @@ int do_action(const char* arg)
return do_action_on_thread(arg + strlen("thread-"));
}
+ if(!strcmp(arg,"smash-stack")) return smash_stack(42);
if(!strcmp(arg,"nostack")) crashnostack();
if(!strcmp(arg,"ctest")) return ctest();
if(!strcmp(arg,"exit")) exit(1);