diff --git a/.clang-format b/.clang-format new file mode 100644 index 0000000..8dff334 --- /dev/null +++ b/.clang-format @@ -0,0 +1,4 @@ +BasedOnStyle: LLVM +IndentWidth: 4 +ColumnLimit: 100 +UseTab: Never diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index 6cb4227..0000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: Build and Test - -on: [push, pull_request] - -jobs: - verify: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Install build tools - run: | - sudo apt-get update - sudo apt-get install -y gcc make - - - name: Run project verification - run: make check diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..b1f7ebd --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,228 @@ +name: CI + +on: + push: + branches: + - main + - master + pull_request: + workflow_dispatch: + +permissions: + contents: read + +concurrency: + group: ci-${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +env: + CCACHE_DIR: ${{ github.workspace }}/.ccache + DEFAULT_CFLAGS: >- + -Wall -Wextra -Werror -O2 -g + -fstack-protector-strong -D_FORTIFY_SOURCE=2 + DEFAULT_VERIFY_CFLAGS: >- + -Wall -Wextra -Werror -O2 + -fstack-protector-strong -D_FORTIFY_SOURCE=2 + SANITIZER_CFLAGS: >- + -Wall -Wextra -Werror -O1 -g + -fsanitize=address,undefined -fno-omit-frame-pointer + +jobs: + lint: + name: Lint and static analysis + runs-on: ubuntu-latest + timeout-minutes: 15 + + steps: + - name: Check out repository + uses: actions/checkout@v4 + + - name: Install linting tools + run: | + sudo apt-get update + sudo apt-get install -y clang-format cppcheck + + - name: Verify formatting with clang-format + shell: bash + run: | + mapfile -t files < <(find src tests -type f \( -name '*.c' -o -name '*.h' \) | sort) + + if [ "${#files[@]}" -eq 0 ]; then + echo "No C source files found to format-check." + exit 0 + fi + + clang-format --version + clang-format \ + --style=file \ + --fallback-style=LLVM \ + --dry-run \ + --Werror \ + "${files[@]}" + + - name: Run cppcheck + shell: bash + run: | + cppcheck \ + --std=c11 \ + --language=c \ + --enable=warning,style,performance,portability \ + --error-exitcode=1 \ + --inline-suppr \ + --suppress=missingIncludeSystem \ + src tests + + build-test: + name: Build and test (${{ matrix.os }}) + runs-on: ${{ matrix.os }} + needs: lint + timeout-minutes: 20 + + strategy: + fail-fast: false + matrix: + include: + - os: ubuntu-latest + install_cmd: | + sudo apt-get update + sudo apt-get install -y gcc make ccache + - os: macos-latest + install_cmd: | + brew update + brew install gcc make ccache + + steps: + - name: Check out repository + uses: actions/checkout@v4 + + - name: Install build dependencies + run: ${{ matrix.install_cmd }} + + - name: Resolve toolchain + shell: bash + run: | + if [ "${{ runner.os }}" = "macOS" ]; then + CC_BIN="$(command -v gcc-14 || command -v gcc-13 || command -v gcc-12)" + MAKE_BIN="$(command -v gmake)" + BUILD_CFLAGS="-Wall -Wextra -Werror -O2 -g -fstack-protector-strong" + BUILD_VERIFY_CFLAGS="-Wall -Wextra -Werror -O2 -fstack-protector-strong" + else + CC_BIN="$(command -v gcc)" + MAKE_BIN="$(command -v make)" + BUILD_CFLAGS="${DEFAULT_CFLAGS}" + BUILD_VERIFY_CFLAGS="${DEFAULT_VERIFY_CFLAGS}" + fi + + if [ -z "${CC_BIN}" ] || [ -z "${MAKE_BIN}" ]; then + echo "Failed to resolve compiler or make binary." + exit 1 + fi + + echo "CC_BIN=${CC_BIN}" >> "${GITHUB_ENV}" + echo "MAKE_BIN=${MAKE_BIN}" >> "${GITHUB_ENV}" + echo "BUILD_CFLAGS=${BUILD_CFLAGS}" >> "${GITHUB_ENV}" + echo "BUILD_VERIFY_CFLAGS=${BUILD_VERIFY_CFLAGS}" >> "${GITHUB_ENV}" + + - name: Restore ccache + uses: actions/cache@v4 + with: + path: ${{ env.CCACHE_DIR }} + key: ${{ runner.os }}-ccache-${{ hashFiles('Makefile', 'src/**/*.c', 'src/**/*.h', 'tests/**/*.c', 'tests/**/*.h') }} + restore-keys: | + ${{ runner.os }}-ccache- + + - name: Configure ccache + shell: bash + run: | + ccache --max-size 250M + ccache --zero-stats + + - name: Run verify, test, and check + shell: bash + run: | + "${MAKE_BIN}" clean + "${MAKE_BIN}" verify \ + CC="ccache ${CC_BIN}" \ + CFLAGS="${BUILD_CFLAGS}" \ + VERIFY_CFLAGS="${BUILD_VERIFY_CFLAGS}" + "${MAKE_BIN}" test \ + CC="ccache ${CC_BIN}" \ + CFLAGS="${BUILD_CFLAGS}" \ + VERIFY_CFLAGS="${BUILD_VERIFY_CFLAGS}" + "${MAKE_BIN}" check \ + CC="ccache ${CC_BIN}" \ + CFLAGS="${BUILD_CFLAGS}" \ + VERIFY_CFLAGS="${BUILD_VERIFY_CFLAGS}" + + - name: Show ccache statistics + if: always() + run: ccache --show-stats + + - name: Upload compiled binaries + uses: actions/upload-artifact@v4 + with: + name: binaries-${{ runner.os }} + if-no-files-found: error + retention-days: 14 + path: | + vuln_buffer_overflow + safe_input_demo + stack_layout_demo + overflow_behavior_demo + control_flow_simulation + demo_runtime_checks + + security: + name: Hardened and sanitizer checks + runs-on: ubuntu-latest + needs: lint + timeout-minutes: 20 + + env: + ASAN_OPTIONS: detect_leaks=1:halt_on_error=1:strict_string_checks=1 + UBSAN_OPTIONS: print_stacktrace=1:halt_on_error=1 + + steps: + - name: Check out repository + uses: actions/checkout@v4 + + - name: Install security build dependencies + run: | + sudo apt-get update + sudo apt-get install -y gcc make ccache + + - name: Restore ccache + uses: actions/cache@v4 + with: + path: ${{ env.CCACHE_DIR }} + key: security-ccache-${{ hashFiles('Makefile', 'src/**/*.c', 'src/**/*.h', 'tests/**/*.c', 'tests/**/*.h') }} + restore-keys: | + security-ccache- + + - name: Configure ccache + shell: bash + run: | + ccache --max-size 250M + ccache --zero-stats + + - name: Run hardened build and test + shell: bash + run: | + make clean + make check \ + CC="ccache gcc" \ + CFLAGS="${DEFAULT_CFLAGS}" \ + VERIFY_CFLAGS="${DEFAULT_VERIFY_CFLAGS}" + + - name: Run AddressSanitizer and UBSan checks + shell: bash + run: | + make clean + make check \ + CC="ccache gcc" \ + CFLAGS="${SANITIZER_CFLAGS}" \ + VERIFY_CFLAGS="${SANITIZER_CFLAGS}" + + - name: Show ccache statistics + if: always() + run: ccache --show-stats diff --git a/src/control_flow_simulation.c b/src/control_flow_simulation.c index 8d0a352..90b1c93 100644 --- a/src/control_flow_simulation.c +++ b/src/control_flow_simulation.c @@ -44,8 +44,7 @@ int run_control_flow_simulation(FILE *output) { * redirect execution unexpectedly. This demo only illustrates the idea * of control-flow redirection without exploit code. */ - fprintf(output, - "\nSimulating conceptual pointer corruption by manual reassignment...\n"); + fprintf(output, "\nSimulating conceptual pointer corruption by manual reassignment...\n"); func_ptr = target_function; fprintf(output, "Calling through function pointer (after change):\n"); @@ -55,7 +54,5 @@ int run_control_flow_simulation(FILE *output) { } #ifndef DEMO_NO_MAIN -int main(void) { - return run_control_flow_simulation(stdout); -} +int main(void) { return run_control_flow_simulation(stdout); } #endif diff --git a/src/overflow_behavior_demo.c b/src/overflow_behavior_demo.c index 808ea8c..2dfabb2 100644 --- a/src/overflow_behavior_demo.c +++ b/src/overflow_behavior_demo.c @@ -4,10 +4,7 @@ #include "demo_programs.h" -enum { - OVERFLOW_DEMO_BUFFER_SIZE = 16, - OVERFLOW_DEMO_MAX_INPUT = 96 -}; +enum { OVERFLOW_DEMO_BUFFER_SIZE = 16, OVERFLOW_DEMO_MAX_INPUT = 96 }; struct overflow_demo_layout { char buffer[OVERFLOW_DEMO_BUFFER_SIZE]; @@ -46,8 +43,7 @@ static void print_hex_bytes(FILE *output, const unsigned char *bytes, size_t byt fputc('\n', output); } -static size_t simulate_unbounded_copy(struct overflow_demo_layout *layout, - const char *input) { +static size_t simulate_unbounded_copy(struct overflow_demo_layout *layout, const char *input) { unsigned char *raw_bytes = (unsigned char *)layout; size_t input_len = strlen(input); size_t index = 0; @@ -107,17 +103,20 @@ int run_overflow_behavior_demo(FILE *input, FILE *output) { memcpy(&x, layout.x_bytes, sizeof(x)); - fprintf(output, "Input length: %lu\n", (unsigned long)input_len); + const unsigned long cap_ul = (unsigned long)(OVERFLOW_DEMO_BUFFER_SIZE - 1); + const unsigned long input_ul = (unsigned long)input_len; + const unsigned long past_ul = (unsigned long)bytes_past_buffer; + const unsigned long into_ul = (unsigned long)bytes_into_x; + const unsigned long x_size_ul = (unsigned long)sizeof(layout.x_bytes); + + fprintf(output, "Input length: %lu\n", input_ul); if (input_len >= sizeof(layout.buffer)) { fprintf(output, - "WARNING: Input length (%lu) exceeds buffer capacity (%lu).\n", - (unsigned long)input_len, - (unsigned long)(sizeof(layout.buffer) - 1)); - fprintf(output, "Simulated bytes written past buffer: %lu\n", - (unsigned long)bytes_past_buffer); - fprintf(output, "Bytes that reached adjacent int: %lu of %lu\n", - (unsigned long)bytes_into_x, - (unsigned long)sizeof(layout.x_bytes)); + "WARNING: Input length (%lu) exceeds " + "buffer capacity (%lu).\n", + input_ul, cap_ul); + fprintf(output, "Simulated bytes written past buffer: %lu\n", past_ul); + fprintf(output, "Bytes that reached adjacent int: %lu of %lu\n", into_ul, x_size_ul); fprintf(output, "Adjacent int bytes after simulation: "); print_hex_bytes(output, layout.x_bytes, sizeof(layout.x_bytes)); } else { @@ -131,7 +130,5 @@ int run_overflow_behavior_demo(FILE *input, FILE *output) { } #ifndef DEMO_NO_MAIN -int main(void) { - return run_overflow_behavior_demo(stdin, stdout); -} +int main(void) { return run_overflow_behavior_demo(stdin, stdout); } #endif diff --git a/src/safe_input_demo.c b/src/safe_input_demo.c index 197d330..0348d65 100644 --- a/src/safe_input_demo.c +++ b/src/safe_input_demo.c @@ -29,7 +29,5 @@ int run_safe_input_demo(FILE *input, FILE *output) { } #ifndef DEMO_NO_MAIN -int main(void) { - return run_safe_input_demo(stdin, stdout); -} +int main(void) { return run_safe_input_demo(stdin, stdout); } #endif diff --git a/src/stack_layout_demo.c b/src/stack_layout_demo.c index 015c431..0dd8eb9 100644 --- a/src/stack_layout_demo.c +++ b/src/stack_layout_demo.c @@ -9,7 +9,7 @@ * to help visualize how function-call memory is arranged. */ static void print_stack_layout(FILE *output, int demo_id) { - char buffer[16]; + const char buffer[16] = {0}; int x = 10; /* @@ -17,7 +17,7 @@ static void print_stack_layout(FILE *output, int demo_id) { * On many systems, the stack often grows downward * (from higher addresses toward lower addresses). */ - fprintf(output, "Address of buffer: %p\n", (void *)buffer); + fprintf(output, "Address of buffer: %p\n", (const void *)buffer); fprintf(output, "Address of x: %p\n", (void *)&x); fprintf(output, "Address of parameter demo_id: %p\n", (void *)&demo_id); } @@ -33,7 +33,5 @@ int run_stack_layout_demo(FILE *output) { } #ifndef DEMO_NO_MAIN -int main(void) { - return run_stack_layout_demo(stdout); -} +int main(void) { return run_stack_layout_demo(stdout); } #endif diff --git a/src/vuln_buffer_overflow.c b/src/vuln_buffer_overflow.c index f31830d..ae97459 100644 --- a/src/vuln_buffer_overflow.c +++ b/src/vuln_buffer_overflow.c @@ -16,6 +16,7 @@ int run_vuln_buffer_overflow(FILE *input, FILE *output) { fprintf(output, "[vuln_buffer_overflow] Unsafe input demo\n"); fprintf(output, "Enter a word: "); + /* cppcheck-suppress invalidscanf */ if (fscanf(input, "%s", buffer) != 1) { fprintf(output, "Input error.\n"); return 1; @@ -26,7 +27,5 @@ int run_vuln_buffer_overflow(FILE *input, FILE *output) { } #ifndef DEMO_NO_MAIN -int main(void) { - return run_vuln_buffer_overflow(stdin, stdout); -} +int main(void) { return run_vuln_buffer_overflow(stdin, stdout); } #endif diff --git a/tests/demo_runtime_checks.c b/tests/demo_runtime_checks.c index d452f7b..034f815 100644 --- a/tests/demo_runtime_checks.c +++ b/tests/demo_runtime_checks.c @@ -18,12 +18,8 @@ static int open_temp_file(struct temp_file *temp_file) { temp_file->stream = NULL; temp_file->path[0] = '\0'; - if (snprintf(temp_file->path, - sizeof(temp_file->path), - "tests/runtime_check_%lu_%lu_%u.tmp", - (unsigned long)time(NULL), - (unsigned long)clock(), - counter++) < 0) { + if (snprintf(temp_file->path, sizeof(temp_file->path), "tests/runtime_check_%lu_%lu_%u.tmp", + (unsigned long)time(NULL), (unsigned long)clock(), counter++) < 0) { return 0; } @@ -97,14 +93,9 @@ static int open_input_stream(struct temp_file *temp_file, const char *text) { return 1; } -static void expect_contains(const char *test_name, - const char *output, - const char *needle) { +static void expect_contains(const char *test_name, const char *output, const char *needle) { if (strstr(output, needle) == NULL) { - fprintf(stderr, - "[FAIL] %s missing expected text: %s\n", - test_name, - needle); + fprintf(stderr, "[FAIL] %s missing expected text: %s\n", test_name, needle); failure_count++; } } @@ -217,8 +208,7 @@ static void test_overflow_behavior_demo(void) { char *text = NULL; int result = 0; - if (!open_input_stream(&input, "AAAAAAAAAAAAAAAAAAAAAA\n") || - !open_temp_file(&output)) { + if (!open_input_stream(&input, "AAAAAAAAAAAAAAAAAAAAAA\n") || !open_temp_file(&output)) { fprintf(stderr, "[FAIL] %s could not create temp files\n", test_name); failure_count++; goto cleanup; @@ -233,10 +223,8 @@ static void test_overflow_behavior_demo(void) { } expect_success(test_name, result); - expect_contains(test_name, text, - "[overflow_behavior_demo] Deterministic overflow impact demo"); - expect_contains(test_name, text, - "WARNING: Input length (22) exceeds buffer capacity (15)."); + expect_contains(test_name, text, "[overflow_behavior_demo] Deterministic overflow impact demo"); + expect_contains(test_name, text, "WARNING: Input length (22) exceeds buffer capacity (15)."); expect_contains(test_name, text, "Bytes that reached adjacent int: 4 of 4"); expect_contains(test_name, text, "Adjacent int bytes after simulation: 41 41 41 41"); @@ -268,8 +256,7 @@ static void test_control_flow_simulation(void) { } expect_success(test_name, result); - expect_contains(test_name, text, - "[control_flow_simulation] Conceptual control-flow demo"); + expect_contains(test_name, text, "[control_flow_simulation] Conceptual control-flow demo"); expect_contains(test_name, text, "safe_function(): normal control flow path."); expect_contains(test_name, text, "target_function(): alternate control flow path."); diff --git a/tests/runtime_check_1776790212_0_0.tmp b/tests/runtime_check_1776790212_0_0.tmp new file mode 100644 index 0000000..ce01362 --- /dev/null +++ b/tests/runtime_check_1776790212_0_0.tmp @@ -0,0 +1 @@ +hello diff --git a/tests/runtime_check_1776790212_0_1.tmp b/tests/runtime_check_1776790212_0_1.tmp new file mode 100644 index 0000000..949ec06 --- /dev/null +++ b/tests/runtime_check_1776790212_0_1.tmp @@ -0,0 +1,2 @@ +[safe_input_demo] Safe input demo +Enter text: You entered safely: hello diff --git a/tests/runtime_check_1776790212_0_2.tmp b/tests/runtime_check_1776790212_0_2.tmp new file mode 100644 index 0000000..ce01362 --- /dev/null +++ b/tests/runtime_check_1776790212_0_2.tmp @@ -0,0 +1 @@ +hello diff --git a/tests/runtime_check_1776790212_0_3.tmp b/tests/runtime_check_1776790212_0_3.tmp new file mode 100644 index 0000000..c30b5b8 --- /dev/null +++ b/tests/runtime_check_1776790212_0_3.tmp @@ -0,0 +1,2 @@ +[vuln_buffer_overflow] Unsafe input demo +Enter a word: You entered: hello diff --git a/tests/runtime_check_1776790212_0_4.tmp b/tests/runtime_check_1776790212_0_4.tmp new file mode 100644 index 0000000..7ac5ad7 --- /dev/null +++ b/tests/runtime_check_1776790212_0_4.tmp @@ -0,0 +1,5 @@ +[stack_layout_demo] Stack address observation +Address of main_local: 0061FE4C +Address of buffer: 0061FE10 +Address of x: 0061FE0C +Address of parameter demo_id: 0061FE34 diff --git a/tests/runtime_check_1776790212_1_5.tmp b/tests/runtime_check_1776790212_1_5.tmp new file mode 100644 index 0000000..b20553a --- /dev/null +++ b/tests/runtime_check_1776790212_1_5.tmp @@ -0,0 +1 @@ +AAAAAAAAAAAAAAAAAAAAAA diff --git a/tests/runtime_check_1776790212_1_6.tmp b/tests/runtime_check_1776790212_1_6.tmp new file mode 100644 index 0000000..963a84d --- /dev/null +++ b/tests/runtime_check_1776790212_1_6.tmp @@ -0,0 +1,9 @@ +[overflow_behavior_demo] Deterministic overflow impact demo +Value of x before input: 10 +Enter input: Input length: 22 +WARNING: Input length (22) exceeds buffer capacity (15). +Simulated bytes written past buffer: 4 +Bytes that reached adjacent int: 4 of 4 +Adjacent int bytes after simulation: 41 41 41 41 +Value of x after simulated copy: 1094795585 +Buffer preview: AAAAAAAAAAAAAAAA diff --git a/tests/runtime_check_1776790212_1_7.tmp b/tests/runtime_check_1776790212_1_7.tmp new file mode 100644 index 0000000..d20938b --- /dev/null +++ b/tests/runtime_check_1776790212_1_7.tmp @@ -0,0 +1,11 @@ +[control_flow_simulation] Conceptual control-flow demo +Address of safe_function: 00402604 +Address of target_function: 00402630 +Address of func_ptr var: 0061FE4C + +Calling through function pointer (before change): +safe_function(): normal control flow path. + +Simulating conceptual pointer corruption by manual reassignment... +Calling through function pointer (after change): +target_function(): alternate control flow path. diff --git a/tests/runtime_check_1776790415_0_0.tmp b/tests/runtime_check_1776790415_0_0.tmp new file mode 100644 index 0000000..ce01362 --- /dev/null +++ b/tests/runtime_check_1776790415_0_0.tmp @@ -0,0 +1 @@ +hello diff --git a/tests/runtime_check_1776790415_0_1.tmp b/tests/runtime_check_1776790415_0_1.tmp new file mode 100644 index 0000000..949ec06 --- /dev/null +++ b/tests/runtime_check_1776790415_0_1.tmp @@ -0,0 +1,2 @@ +[safe_input_demo] Safe input demo +Enter text: You entered safely: hello diff --git a/tests/runtime_check_1776790415_1_2.tmp b/tests/runtime_check_1776790415_1_2.tmp new file mode 100644 index 0000000..ce01362 --- /dev/null +++ b/tests/runtime_check_1776790415_1_2.tmp @@ -0,0 +1 @@ +hello diff --git a/tests/runtime_check_1776790415_1_3.tmp b/tests/runtime_check_1776790415_1_3.tmp new file mode 100644 index 0000000..c30b5b8 --- /dev/null +++ b/tests/runtime_check_1776790415_1_3.tmp @@ -0,0 +1,2 @@ +[vuln_buffer_overflow] Unsafe input demo +Enter a word: You entered: hello diff --git a/tests/runtime_check_1776790415_1_4.tmp b/tests/runtime_check_1776790415_1_4.tmp new file mode 100644 index 0000000..7ac5ad7 --- /dev/null +++ b/tests/runtime_check_1776790415_1_4.tmp @@ -0,0 +1,5 @@ +[stack_layout_demo] Stack address observation +Address of main_local: 0061FE4C +Address of buffer: 0061FE10 +Address of x: 0061FE0C +Address of parameter demo_id: 0061FE34 diff --git a/tests/runtime_check_1776790415_2_5.tmp b/tests/runtime_check_1776790415_2_5.tmp new file mode 100644 index 0000000..b20553a --- /dev/null +++ b/tests/runtime_check_1776790415_2_5.tmp @@ -0,0 +1 @@ +AAAAAAAAAAAAAAAAAAAAAA diff --git a/tests/runtime_check_1776790415_2_6.tmp b/tests/runtime_check_1776790415_2_6.tmp new file mode 100644 index 0000000..963a84d --- /dev/null +++ b/tests/runtime_check_1776790415_2_6.tmp @@ -0,0 +1,9 @@ +[overflow_behavior_demo] Deterministic overflow impact demo +Value of x before input: 10 +Enter input: Input length: 22 +WARNING: Input length (22) exceeds buffer capacity (15). +Simulated bytes written past buffer: 4 +Bytes that reached adjacent int: 4 of 4 +Adjacent int bytes after simulation: 41 41 41 41 +Value of x after simulated copy: 1094795585 +Buffer preview: AAAAAAAAAAAAAAAA diff --git a/tests/runtime_check_1776790415_3_7.tmp b/tests/runtime_check_1776790415_3_7.tmp new file mode 100644 index 0000000..d20938b --- /dev/null +++ b/tests/runtime_check_1776790415_3_7.tmp @@ -0,0 +1,11 @@ +[control_flow_simulation] Conceptual control-flow demo +Address of safe_function: 00402604 +Address of target_function: 00402630 +Address of func_ptr var: 0061FE4C + +Calling through function pointer (before change): +safe_function(): normal control flow path. + +Simulating conceptual pointer corruption by manual reassignment... +Calling through function pointer (after change): +target_function(): alternate control flow path. diff --git a/tests/runtime_check_1776791270_0_0.tmp b/tests/runtime_check_1776791270_0_0.tmp new file mode 100644 index 0000000..ce01362 --- /dev/null +++ b/tests/runtime_check_1776791270_0_0.tmp @@ -0,0 +1 @@ +hello diff --git a/tests/runtime_check_1776791270_0_1.tmp b/tests/runtime_check_1776791270_0_1.tmp new file mode 100644 index 0000000..949ec06 --- /dev/null +++ b/tests/runtime_check_1776791270_0_1.tmp @@ -0,0 +1,2 @@ +[safe_input_demo] Safe input demo +Enter text: You entered safely: hello diff --git a/tests/runtime_check_1776791270_1_2.tmp b/tests/runtime_check_1776791270_1_2.tmp new file mode 100644 index 0000000..ce01362 --- /dev/null +++ b/tests/runtime_check_1776791270_1_2.tmp @@ -0,0 +1 @@ +hello diff --git a/tests/runtime_check_1776791270_1_3.tmp b/tests/runtime_check_1776791270_1_3.tmp new file mode 100644 index 0000000..c30b5b8 --- /dev/null +++ b/tests/runtime_check_1776791270_1_3.tmp @@ -0,0 +1,2 @@ +[vuln_buffer_overflow] Unsafe input demo +Enter a word: You entered: hello diff --git a/tests/runtime_check_1776791270_2_4.tmp b/tests/runtime_check_1776791270_2_4.tmp new file mode 100644 index 0000000..7ac5ad7 --- /dev/null +++ b/tests/runtime_check_1776791270_2_4.tmp @@ -0,0 +1,5 @@ +[stack_layout_demo] Stack address observation +Address of main_local: 0061FE4C +Address of buffer: 0061FE10 +Address of x: 0061FE0C +Address of parameter demo_id: 0061FE34 diff --git a/tests/runtime_check_1776791270_2_5.tmp b/tests/runtime_check_1776791270_2_5.tmp new file mode 100644 index 0000000..b20553a --- /dev/null +++ b/tests/runtime_check_1776791270_2_5.tmp @@ -0,0 +1 @@ +AAAAAAAAAAAAAAAAAAAAAA diff --git a/tests/runtime_check_1776791270_2_6.tmp b/tests/runtime_check_1776791270_2_6.tmp new file mode 100644 index 0000000..963a84d --- /dev/null +++ b/tests/runtime_check_1776791270_2_6.tmp @@ -0,0 +1,9 @@ +[overflow_behavior_demo] Deterministic overflow impact demo +Value of x before input: 10 +Enter input: Input length: 22 +WARNING: Input length (22) exceeds buffer capacity (15). +Simulated bytes written past buffer: 4 +Bytes that reached adjacent int: 4 of 4 +Adjacent int bytes after simulation: 41 41 41 41 +Value of x after simulated copy: 1094795585 +Buffer preview: AAAAAAAAAAAAAAAA diff --git a/tests/runtime_check_1776791270_2_7.tmp b/tests/runtime_check_1776791270_2_7.tmp new file mode 100644 index 0000000..503ba78 --- /dev/null +++ b/tests/runtime_check_1776791270_2_7.tmp @@ -0,0 +1,11 @@ +[control_flow_simulation] Conceptual control-flow demo +Address of safe_function: 00402620 +Address of target_function: 0040264C +Address of func_ptr var: 0061FE4C + +Calling through function pointer (before change): +safe_function(): normal control flow path. + +Simulating conceptual pointer corruption by manual reassignment... +Calling through function pointer (after change): +target_function(): alternate control flow path.