SECCOMP: How to imitate malloc, realloc and free?

I would like to execute arbitrary (potentially dangerous) binaries on my server. Therefore, I used objcopy to rename the "main" symbol to "other_main" so that I could link in my own little main function, which sets the appropriate value for RLIMIT_CPU and switches on SECCOMP before calling other_main. So far, I am pleased with this decision.

Now the problem is that the third-party program code may contain some malloc calls that can kill the program immediately (sbrk is not allowed). Therefore, I would like to pre-allocate a reasonably sized array (e.g. 20 MB) before enabling SECCOMP, which should be used by malloc / realloc / calloc / free. Unfortunately, I do not know how to achieve the last step. Do I need to implement all these 4 functions on my own? How can I embed my own functions in stdlib (for example, what happens when printf calls malloc internally?).

+5
3 answers

malloc sbrk(), GNU mmalloc. , .

+ malloc

+3

malloc . libc, ( glibc, klibc dietlibc), . , seccomp mmap sbrk, malloc/free allocate . memmgr - , .

seccomp , , (, , ), , libc. :

  • glibc, exit _exit call exit_group
  • glibc, printf mmap
  • dietlibc, scanf ioctl
  • .. ..

, , , . , dietlibc ioctl , stdin tty, stdin, stdout. , , , .

, , seccomp . 2 ( "a.k.a." ), , , . github, seccomp 2, printf scanf, malloc/free.

+2

seccompsandbox:

  • seccomp , RPC ( read/write socketpair) ( seccomp) , , mmap
  • , malloc ( , ) seccomp-

Chromium seccomp Sandbox , .

+1
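The pre-allocated arena the question describes, as an added example that is not part of the original posts: a first-fit allocator over a static 20 MB buffer that never calls sbrk or mmap. The arena_* names are assumptions made for illustration; glibc lets an executable's own definitions of malloc, calloc, realloc and free replace its allocator, so thin wrappers with those names would route libc-internal allocations to the arena as well.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical names (arena_*). To interpose on glibc, add one-line malloc,
 * calloc, realloc and free wrappers that forward to these functions. */
#define ARENA_SIZE (20u * 1024 * 1024)  /* 20 MB, as in the question */
typedef struct { _Alignas(16) size_t size; int free; } hdr_t;  /* 16-byte block header */
static _Alignas(16) unsigned char arena[ARENA_SIZE];  /* .bss: usable without any syscall */

static hdr_t *next_block(hdr_t *h) {
    unsigned char *p = (unsigned char *)(h + 1) + h->size;
    return p < arena + ARENA_SIZE ? (hdr_t *)p : NULL;
}
void *arena_malloc(size_t n) {
    hdr_t *h = (hdr_t *)arena;
    if (h->size == 0) { h->size = ARENA_SIZE - sizeof *h; h->free = 1; }  /* first use */
    if (n == 0 || n > ARENA_SIZE) return NULL;
    n = (n + 15) & ~(size_t)15;  /* keep payloads 16-byte aligned */
    for (; h; h = next_block(h)) {
        if (!h->free) continue;
        for (hdr_t *nx; (nx = next_block(h)) && nx->free; )  /* merge free neighbours */
            h->size += sizeof *nx + nx->size;
        if (h->size < n) continue;
        if (h->size >= n + 2 * sizeof *h) {  /* split off the unused tail */
            hdr_t *rest = (hdr_t *)((unsigned char *)(h + 1) + n);
            rest->size = h->size - n - sizeof *h; rest->free = 1;
            h->size = n;
        }
        h->free = 0;
        return h + 1;
    }
    return NULL;  /* arena exhausted: fail the call instead of asking the kernel */
}
void arena_free(void *p) { if (p) ((hdr_t *)p - 1)->free = 1; }
void *arena_calloc(size_t nm, size_t sz) {
    if (sz && nm > SIZE_MAX / sz) return NULL;  /* nm * sz would overflow */
    void *p = arena_malloc(nm * sz);
    return p ? memset(p, 0, nm * sz) : NULL;
}
void *arena_realloc(void *p, size_t n) {
    if (!p) return arena_malloc(n);
    hdr_t *h = (hdr_t *)p - 1;
    if (n <= h->size) return p;  /* shrinking keeps the block in place */
    void *q = arena_malloc(n);
    if (q) { memcpy(q, p, h->size); arena_free(p); }
    return q;
}
```

Because the buffer is a static array, its pages are faulted in by the kernel on first touch, which is not a system call and so is not blocked by the seccomp filter.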
