Add TD7

content/secu_logicielle/td7-analyse_statique_dynamique/files/q5/.gdbinit

@@ -0,0 +1 @@
+python import pframe

content/secu_logicielle/td7-analyse_statique_dynamique/files/q5/Makefile

@@ -0,0 +1,38 @@
+CFLAGS=-g -Wall -Wextra -Wno-unused-parameter
+LDLIBS=-lpthread
+C=$(wildcard *.c)
+O=$(C:.c=)
+A=$(C:.c=.asan)
+L=$(C:.c=.lsan)
+U=$(C:.c=.usan)
+T=$(C:.c=.tsan)
+
+pframe:
+	curl -o pframe.tgz  https://dept-info.labri.fr/~thibault/SecuLog/pframe.tgz && \
+		tar -xf pframe.tgz &&\
+		rm -rf pframe.tgz
+
+.gdbinit:
+
+configure: pframe .gdbinit
+	$(shell echo "python import pframe" > .gdbinit) 
+
+all: $O $A $U $T
+
+%.asan: %.c
+	$(CC) -fsanitize=address -fPIC $< -o $@ $(CFLAGS) $(LDLIBS)
+%.lsan: %.c
+	$(CC) -fsanitize=leak -fPIC $< -o $@ $(CFLAGS) $(LDLIBS)
+%.usan: %.c
+	$(CC) -fsanitize=undefined -fPIC $< -o $@ $(CFLAGS) $(LDLIBS)
+%.tsan: %.c
+	$(CC) -fsanitize=thread -fPIC $< -o $@ $(CFLAGS) $(LDLIBS)
+
+PHONY: gdb_% configure
+gdb_%: $(subst gdb_,,%)
+	PYTHONPATH=${PWD}/pframe${PYTHONPATH:+:${PYTHONPATH}} gdb $<
+
+
+PHONY: clean
+clean:
+	rm -f $O $A $L $U $T pframe .gdbinit

content/secu_logicielle/td7-analyse_statique_dynamique/files/q5/pframe/README

@@ -0,0 +1,9 @@
+Once unpacked this to, e.g. $HOME,
+
+- Add this to .bashrc:
+
+export PYTHONPATH=$HOME/pframe${PYTHONPATH:+:${PYTHONPATH}}
+
+- Add this to .gdbinit:
+
+python import pframe

content/secu_logicielle/td7-analyse_statique_dynamique/files/q5/pframe/__init__.py

@@ -0,0 +1 @@
+__all__ = [ "pframe" ]

content/secu_logicielle/td7-analyse_statique_dynamique/files/q5/pframe/pframe.py

@@ -0,0 +1,93 @@
+import gdb
+
+class PrintFrame (gdb.Command):
+
+    def __init__ (self):
+        super (PrintFrame, self).__init__ ("pframe", gdb.COMMAND_STACK)
+
+    def syntax (self):
+        print("Syntax: pframe[/nn][/-mm] where nn is the number of longs to be printed above sp (16 by default) and mm is the number of longs to be printed below sp (0 by default in 32bit, 16 by default in 64bit)")
+
+    def invoke (self, arg, from_tty):
+        try:
+            wordstar = gdb.lookup_type("unsigned long").pointer()
+            wordsize = gdb.lookup_type("unsigned long").sizeof
+
+            nabove = 16
+            if wordsize == 4:
+                nbelow = 0
+            else:
+                nbelow = 16
+
+            if arg:
+                l = arg.split('/')
+                if l[0] != '':
+                    self.syntax()
+                    return
+                for i in l[1:]:
+                    try:
+                        n = int(i)
+                        if n >= 0:
+                            nabove = n
+                        if n < 0:
+                            nbelow = -n
+                    except:
+                        self.syntax()
+                        return
+
+            frame = gdb.selected_frame()
+            sp = frame.read_register('sp')
+            if wordsize == 4:
+                bp = frame.read_register('ebp')
+                ip = frame.read_register('eip')
+            else:
+                bp = frame.read_register('rbp')
+                ip = frame.read_register('rip')
+            last = -nbelow*wordsize-1
+            prevbp = bp.cast(wordstar).dereference()
+
+            if bp >= sp and bp < sp + 512:
+                start = bp - sp + wordsize*8
+            else:
+                start = 0
+            if start < wordsize*nabove:
+                start = wordsize*nabove
+
+            for offset in range(start, last, -wordsize):
+                addr = sp + offset
+                s = '0x{:x}'.format(int(addr))
+
+                if ip >= addr and ip < addr + wordsize:
+                    s += ' ip'
+                else:
+                    s += '   '
+
+                if addr == bp:
+                    s += '   bp'
+                elif bp >= sp and addr == bp + wordsize:
+                    s += ' ret@'
+                elif bp >= sp and addr == bp + 2*wordsize and (prevbp == 0 or addr < prevbp):
+                    s += ' arg1'
+                elif bp >= sp and addr == bp + 3*wordsize and (prevbp == 0 or addr < prevbp):
+                    s += ' arg2'
+                elif bp >= sp and addr == bp + 4*wordsize and (prevbp == 0 or addr < prevbp):
+                    s += ' arg3'
+                elif bp >= sp and addr == bp + 5*wordsize and (prevbp == 0 or addr < prevbp):
+                    s += ' ... '
+                else:
+                    s += '     '
+
+                if addr == sp:
+                    s += ' sp '
+                else:
+                    s += '    '
+
+                val = int(addr.cast(wordstar).dereference())
+                s += ('0x{:0'+str(wordsize*2)+'x}').format(val)
+                print(s)
+
+        except gdb.error:
+            print("Is the program running?")
+
+PrintFrame ()
+

content/secu_logicielle/td7-analyse_statique_dynamique/files/q5/test-overrun-data.c

@@ -0,0 +1,11 @@
+#include <stdlib.h>
+#include <stdio.h>
+
+char c[10];
+
+int main(void) {
+	c[10] = 1;
+	c[-1] = 1;
+
+	return 0;
+}

content/secu_logicielle/td7-analyse_statique_dynamique/files/q5/test-overrun-stack.c

@@ -0,0 +1,10 @@
+#include <stdlib.h>
+#include <stdio.h>
+
+int main(void) {
+	char c[10];
+	c[10] = 1;
+	c[-1] = 1;
+
+	return c[10];
+}

content/secu_logicielle/td7-analyse_statique_dynamique/files/q5/test-overrun.c

@@ -0,0 +1,10 @@
+#include <stdlib.h>
+#include <stdio.h>
+
+int main(void) {
+	char *c = malloc(10);
+	c[10] = 1;
+	free(c);
+
+	return 0;
+}