How to turn off Glibc run-time protections?

Question

I am trying to learn about code vulnerabilities, and am testing some simple programs I wrote. However, many of the issues Glibc catches during runtime (e.g. Stack-Smashing,

Answer 1

You can overload operator new and operator delete, but that isn't going to help with a program that uses malloc and free. You can of course write your own implementations of those, also, but overloading C-library functions can be a bit challenging on some OSs.

What, conceptually, is the difference between a double free and free (unallocated_pointer) ?

Answer 2

Check the man page for malloc(3) for usage of the MALLOC_CHECK_ environment variable. Using this, you can turn off 'aborts' for those double free errors and whatnot to play with things.

man malloc

So if your program was called 'badfree', you can either set MALLOC_CHECK_ (note trailing underscore) with an export command, or just set it every execution of badfree.

export MALLOC_CHECK_=0
./badfree

--or--

MALLOC_CHECK_=0 ./badfree

Just remember if you use the first method, it's set for ANY program you run in that shell.

Settings for MALLOC_CHECK_ from the malloc(3) man page are:

MALLOC_CHECK_ =
 0  Silently ignore any issues
 1  Send error message to stderr
 2  abort() is called immediately, killing your program.
 3  Do both '1' and '2' (MALLOC_CHECK_ is a bitfield)

Answer 3

You should at least be able to turn off stack protection with

-fno-stack-protector

at compiletime

Edit: sorry, have just seen that this isn't enough for you

Doesn't seem to be easy because glibc is global for all programs, so it would be pretty bad if you could turn the protection off. My proposal would be to install an old linux distribution that has no heap protection (mid 2003 or earlier should work).