A tool for checking functions calls return protections. Report Bug · Request Feature
Table of Contents
Funcheck is a tool for checking functions calls return protections. It check if it is protected at runtime by making each call fail one by one and check if the program doesn't crash and handle the errors. This tool only works on Linux for now. *this tool can have undefined behavior on threaded programs (WIP)
You can see the list of handled functions and how to add new ones here: Hooked functions
- A GNU/Linux distribution
addr2lineorllvm-symbolizerfor getting symbolized stack traces (we advise you to usellvm-symbolizersince it gives more information)
bash -c 'bash <(curl -s https://raw.githubusercontent.com/tmatis/funcheck/main/scripts/install.sh)'You can choose to install temporarily, permanently or uninstall the tool. If you you want to update the tool, you can run the same command.
You can now use the funcheck command. (run funcheck --help for more information how to use it)
- A modern version of
gcc make
You need to build both the funcheck binary and the libfuncheck.so library.
git clone https://github.com/tmatis/funcheck.git
cd funcheckcd library
makecd ../host
makeYou now have the funcheck binary in the host directory and the libfuncheck.so library in the library directory.
You can launch ./funcheck --help to see how to use it.
You can add the host directory to your PATH to be able to use the funcheck command from anywhere.
funcheck [OPTIONS] ./program [PROGRAM PARAMETERS]-h, --help: Display the help message-v, --version: Display the version-t, --test-functions: Specify the functions to test --test-functions='malloc, calloc, realloc'-i, --ignore-functions: Specify the functions to ignore --ignore-functions='malloc, calloc, realloc'-j, --json-output: Output the result in json format-a, --track-allocations: Track memory allocations-o, --all-output: Output stdout and stderr of every test-c, --abort-as-crash: Treat abort() as a crash-b, --complete-backtrace: Keep unknowns functions and utils functions in backtrace-s --show-current-test: Show the current actually processed by funcheck
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (
git checkout -b yourlogin/amazingfeature) - Commit your Changes (
git commit -m '<gitmoji> Add some AmazingFeature') - Push to the Branch (
git push origin yourlogin/amazingfeature) - Open a Pull Request
Funcheck - A tool for checking functions calls return protections Copyright (C) 2023 Theo Matis
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see https://www.gnu.org/licenses/.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent