CSE544 - Project #1 - SAFECode

Due Date: Th Feb 2, 2011.

In this assignment, you will learn about a tool that protects the type safety of C programs, called SAFECode. In the last ten years, researchers have explored a variety of methods to enforce type safety in C programs. People have developed type-safe versions of C (not just Java and C#, but more similar languages, such as Cyclone), developed methods to find type safety errors in C programs (CCured), and developed methods to add type safety checking code automatically (SAFECode). Since type safety eliminates a variety of potential vulnerabilities, having a type safety-protected C program would be very valuable.

Unfortunately (as I have found), these tools are not the easiest to install or use. So, we are going to do a little research together to figure out what they can do.

We have set up a machine with SAFECode for you to use: oxygen.cse.psu.edu. You will each get an account and a home directory in which to build programs using SAFECode and run them. You need to be careful with this machine; it belongs to one of my students.

The tar file provided has two programs and two libraries for SAFECode. Build the program test2.c first, following these instructions. Using objdump -dl test2, you will notice that calls to the type safety protection functions provided by SAFECode have been added to main. When you run the resulting program, you will see the SAFECode type errors for the program.

The second program is victim.c, which has a buffer overflow vulnerability. When we include SAFECode, about 50 calls to SAFECode functions are added to the program. Look at the location of the calls to exactcheck2_debug. Can you determine what is being protected by this code?

NOTE: Currently, we are giving you line numbers in the victim.s (assembler) program. This makes the mapping more difficult. We are looking into this, and hopefully we will determine how to get the source line numbers in the binary.

Project Requirement (1): Please identify 5 calls to exactcheck2_debug and detail what is being protected and what attacks might be possible.

Project Requirement (2): When you run victim with SAFECode support, it raises an error (first error). What rule is being violated?

Trent Jaeger
Last modified: Jan 20 09:43:07 EST 2011