A toy implementation of 'Stack Guard' on top of the LLVM compiler toolchain

DhavalKapil/stack-guard

stack-guard

A toy implementation of 'Stack Guard' on top of the LLVM compiler toolchain.

Instrumentation code is added during the compilation process to insert and verify stack canaries. Local variables (on the stack) are reordered to prevent buffers from overflowing into other local variables. Vulnerable buffers are identified by performing a simple version of static taint analysis. Dependencies are maintained across function calls and pointer manipulations.
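To show why the canary and the reordering of locals complement each other, here is an added example that is not part of this project (which instruments LLVM IR, not C source). It models a stack frame as a byte array; the layout, the function names and the canary constant are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Simulated frame: offsets grow toward the saved return address, the way an
   overflowing copy writes. Names and canary value are hypothetical. */
enum { SLOT = 8, FRAME_LEN = 32, CANARY_OFF = 16 };
typedef struct {
    uint8_t  mem[FRAME_LEN];
    size_t   buf_off, flag_off;
    uint64_t canary;                 /* reference copy kept off the frame */
} frame_t;

/* Prologue. reorder=0: scalar local sits between buffer and canary.
   reorder=1: buffer is placed next to the canary, scalar below it. */
void frame_enter(frame_t *f, int reorder, uint64_t canary) {
    memset(f->mem, 0, sizeof f->mem);
    f->buf_off  = reorder ? SLOT : 0;
    f->flag_off = reorder ? 0 : SLOT;
    f->canary   = canary;
    memcpy(f->mem + CANARY_OFF, &canary, sizeof canary);
}

/* Unchecked copy, as strcpy would do; clamped to the frame to keep the demo safe. */
void frame_unchecked_copy(frame_t *f, const uint8_t *src, size_t n) {
    size_t room = FRAME_LEN - f->buf_off;
    memcpy(f->mem + f->buf_off, src, n < room ? n : room);
}

/* Epilogue check: 1 if the canary is intact, 0 if it was overwritten. */
int frame_canary_ok(const frame_t *f) {
    return memcmp(f->mem + CANARY_OFF, &f->canary, sizeof f->canary) == 0;
}
/* 1 if the scalar local (initialised to 0) was changed by the copy. */
int frame_flag_corrupted(const frame_t *f) {
    static const uint8_t zero[SLOT];
    return memcmp(f->mem + f->flag_off, zero, SLOT) != 0;
}

int main(void) {
    uint8_t in[12];
    memset(in, 'A', sizeof in);      /* 12 bytes into an 8-byte buffer */
    for (int reorder = 0; reorder <= 1; reorder++) {
        frame_t f;
        frame_enter(&f, reorder, 0xC0FFEE00DEADBEEFULL);
        frame_unchecked_copy(&f, in, sizeof in);
        printf("reorder=%d flag_corrupted=%d canary_ok=%d\n", reorder,
               frame_flag_corrupted(&f), frame_canary_ok(&f));
    }
    return 0;
}
```

Without reordering, the short overflow changes the neighbouring local while the canary check still passes; with the buffer placed next to the canary, the same write leaves the local untouched and fails the check.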

Note: This was developed as a hobby project for fun. It should only be used for educational purposes. Some of its features could be implemented in a much simpler way, but I chose techniques which involved more of the LLVM API, just to get used to it.

Installation

StackGuard requires cmake >= 3.8. It has been tested on llvm 3.5 and clang 3.5.

To build:

mkdir build && cd build
cmake -DLLVM_ROOT=/path/to/llvm/build ..
make

Usage

clang -Xclang -load -Xclang /path/to/StackGuard/build/StackGuardPass/LLVMStackGuardPass.so <source code>

Tests are present in ./tests. Run them using:

make test

License

StackGuard is licensed under the MIT license.
