Sergiy Lozovsky

Quercitools

Quercitools has just one tool for now: stackcheck.py. It helps troubleshoot stack overruns. Such defects destroy stack contents, and locating the source of the problem is not easy. This is where stackcheck.py helps. It runs the program under test under gdb and protects some parts of the stack. If the program overwrites one of those parts, stackcheck.py stops the program and points to the offending line of code.

Stackcheck uses hardware watchpoints for speed and doesn't step through the program, but because gdb is involved there is still some performance penalty.

Installation

Unpack the distribution tar file into some directory. The latest version of gdb is recommended.

Synopsis

stackcheck.py [-g <path_to_gdb>] path_to_binary_under_test [arg1] ...

Description

If the program corrupts its stack:

  1. Recompile the program (binary under test) to include debugging information (gcc -g);
  2. Locate the preferred version of gdb and use its path; "gdb" is used by default;
  3. Run stackcheck.py.

Stackcheck points to the line of code that follows the one that overwrote the stack.

Test

The distribution includes a test program, test4.c, that overwrites its stack. Test run:

$ cc -o test4 -g  test4.c
$ ./stackcheck.py -g /u/slozovsky/gdb/bin/gdb test4

=== Stack Overrun ===
Overwritten address: *0x7fffffffe360
Frame:
{'addr': '0x000000000040051a',
 'args': [{'name': 'a', 'value': '0x7fffffffe358'}],
 'file': 'test4.c',
 'fullname': '/usr/home/nfs/slozovsky/Development/gdb1/test4.c',
 'func': 'testf',
 'line': '12'}

Back trace (rbp, function address, function name):
0x7fffffffe340 0x000000000040050c testf
0x7fffffffe360 0x000000000040052d main
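
An added example, not part of stackcheck.py or its distribution: a short Python helper that reads the report above and says which frame slot the overwritten address falls in. It assumes x86-64 code built with frame pointers, where the saved frame pointer sits at rbp and the return address at rbp+8; the names parse_report and classify are hypothetical.

```python
import ast
import re

# Report text copied from the test run shown on this page.
REPORT = """\
=== Stack Overrun ===
Overwritten address: *0x7fffffffe360
Frame:
{'addr': '0x000000000040051a',
 'args': [{'name': 'a', 'value': '0x7fffffffe358'}],
 'file': 'test4.c',
 'fullname': '/usr/home/nfs/slozovsky/Development/gdb1/test4.c',
 'func': 'testf',
 'line': '12'}

Back trace (rbp, function address, function name):
0x7fffffffe340 0x000000000040050c testf
0x7fffffffe360 0x000000000040052d main
"""

WORD = 8  # assumption: x86-64, frames set up with push rbp / mov rbp, rsp

def parse_report(text):
    """Return (overwritten address, frame dict, [(rbp, func_addr, name), ...])."""
    m = re.search(r"Overwritten address: \*(0x[0-9a-fA-F]+)", text)
    if not m:
        raise ValueError("no 'Overwritten address' line in report")
    # The frame is printed as a Python dict literal that ends at a blank line.
    f = re.search(r"Frame:\s*\n(.*?)\n\s*\n", text, re.S)
    frame = ast.literal_eval(f.group(1)) if f else {}
    rows = re.findall(r"^(0x[0-9a-f]+)[ \t]+(0x[0-9a-f]+)[ \t]+(\S+)$",
                      text, re.M | re.I)
    trace = [(int(rbp, 16), int(fn, 16), name) for rbp, fn, name in rows]
    return int(m.group(1), 16), frame, trace

def classify(text):
    """Return (frame name, slot kind, location reported by stackcheck)."""
    addr, frame, trace = parse_report(text)
    where = "%s:%s in %s()" % (frame.get("file"), frame.get("line"),
                               frame.get("func"))
    for rbp, _fn, name in trace:
        if rbp <= addr < rbp + WORD:
            return name, "saved frame pointer", where
        if rbp + WORD <= addr < rbp + 2 * WORD:
            return name, "return address", where
    return None, "not a frame-linkage slot", where

if __name__ == "__main__":
    print(classify(REPORT))
```

For the report above, the overwritten address is the saved frame pointer slot of main, eight bytes above the value of argument a (0x7fffffffe358).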
