NetBurner 3.5.6
PDF Version
Stack Protection

Stack Protection Example

This application demonstrates various stack overflow and underflow protection methods for embedded systems using the NBRTOS real-time operating system.

Overview

The Stack Protection Example is designed to showcase how stack protection mechanisms work by intentionally triggering stack overflow conditions in a controlled manner. This educational tool helps developers understand stack protection features and their importance in embedded system development.

Features

  • Buffer Overflow Detection: Demonstrates overflow caused by writing past buffer boundaries
  • Call Stack Overflow Detection: Shows overflow through infinite recursion
  • Cross-Platform Support: Works on both ARM Cortex-M7 and Coldfire processors
  • Real-time Stack Monitoring: Provides live stack usage information
  • Interactive Menu System: User-selectable overflow scenarios

Architecture Support

ARM Cortex-M7

  • Supports monitoring of both stack overflow AND underflow simultaneously
  • Can monitor 2 memory ranges concurrently
  • Full stack protection capabilities enabled

Coldfire

  • Limited to monitoring a single memory range
  • Must choose between overflow OR underflow protection (not both)
  • Typically configured for overflow protection

Prerequisites

Required Configuration

To enable full functionality, the following preprocessor definitions must be set:

#define NBRTOS_STACKCHECK (1)
#define NBRTOS_STACKOVERFLOW (1)
#define NBRTOS_STACKUNDERFLOW (1)

Note**: For Coldfire processors, only enable either NBRTOS_STACKOVERFLOW or NBRTOS_STACKUNDERFLOW, not both.

Compiler Settings

The application requires the -fstack-check compiler flag to be enabled:

  • NBEclipse IDE: Right-click project > Properties > C/C++ Build > Settings > GNU C++ Compiler > Debugging > Enable "Enable stack checking (-fstack-check)"
  • Command Line: The flag is automatically included in the provided makefile

File Configuration

The configuration is handled through the predef-overload.h file, which automatically sets appropriate definitions based on the target processor:

  • Coldfire: Enables only stack overflow protection
  • Cortex-M7: Enables both overflow and underflow protection

Application Structure

Main Components

  1. bufferOverflow(): Creates a buffer overflow by writing beyond array boundaries
  2. callStackOverflow(): Triggers overflow through recursive function calls with multiple parameters
  3. UserMain(): Main application loop with interactive menu system

Menu Options

The application presents an interactive menu with the following options:

  1. Buffer Underflow - Demonstrates buffer boundary violations
  2. Call Stack Overflow - Shows recursive call stack exhaustion

Usage

  1. Build and Deploy: Compile the application with the provided makefile or IDE project
  2. Run Application: Execute on target hardware
  3. Monitor Output: Observe stack range information displayed at startup
  4. Select Test: Choose overflow scenario from the interactive menu
  5. Trigger Event: Press any key when prompted to initiate the overflow condition
  6. Observe Results: Watch as the stack protection mechanisms detect and respond to violations

Expected Output

Upon startup, the application displays:

  • Current stack space range (top and bottom addresses)
  • Available protection features status
  • Interactive menu for selecting overflow scenarios
  • Real-time feedback during overflow events

Safety Features

  • Stack Range Monitoring: Displays current stack boundaries
  • Controlled Overflow: Intentional violations for educational purposes
  • System Diagnostics: Built-in diagnostic capabilities
  • Protection Mechanisms: Hardware-assisted stack monitoring

Development Notes

Stack Monitoring

The application uses OSDumpTCBStacks() to display current stack information and EnableOSStackProtector() to activate protection mechanisms.

Memory Layout

Stack boundaries are defined by:

  • OSTCBStkTop: Top of stack address
  • OSTCBStkBot: Bottom of stack address

Time Delays

Strategic delays (OSTimeDly(1)) are inserted to allow observation of the overflow progression.

Important Warnings

This application is designed for educational and testing purposes only. It intentionally creates stack overflow conditions that would be catastrophic in production code. Do not use these techniques in production systems.

Build Instructions

Command Line

make clean
make all

IDE

Import the project into NBEclipse and build using the standard build process to rebuild libraries.

Troubleshooting

If stack protection features don't work as expected:

  1. Verify preprocessor definitions are correctly set
  2. Ensure -fstack-check compiler flag is enabled
  3. Confirm target processor type matches configuration
  4. Check that NBRTOS stack protection is supported on your platform