Assertion failed! esp32

OsamaBillah
Posts: 3
Joined: Wed Nov 15, 2023 1:25 pm

Assertion failed! esp32

Postby OsamaBillah » Wed Nov 15, 2023 1:31 pm

Hi, I'm learing to check how bufferoverflow happen what kind of mistake the developers do. and for that my supervisor told me to write the code and he helped me. As we know first we have to perform windowoverflow and then bufferoverflow. and for that i worte below code:
  1. #include <stdio.h>
  2. #include <stdbool.h>
  3. #include <unistd.h>
  4. #include <string.h>
  5.  
  6.  
  7. void function_A(){
  8.  
  9.     asm("");
  10.  
  11. }
  12.  
  13. void function_B(){
  14.     function_A();
  15. }
  16.  
  17.  
  18. char myNumbers[] = {1, 2, 3, 4,5, 6, 7, 8,9, 10, 11, 12,13, 14, 15, 16,17, 18, 19, 20,21, 22, 23, 24,25, 26, 27, 28,29, 30, 31, 32,33, 34, 35, 36,
  19.         1, 2, 3, 4,5, 6, 7, 8,9, 10, 11, 12,13, 14, 15, 16,17, 18, 19, 20,21, 22, 23, 24,25, 26, 27, 28,29, 30, 31, 32,33, 34, 35, 36,
  20.         1, 2, 3, 4,5, 6, 7, 8,9, 10, 11, 12,13, 14, 15, 16,17, 18, 19, 20,21, 22, 23, 24,25, 26, 27, 28,29, 30, 31, 32,33, 34, 35, 36,
  21.         };
  22.  
  23. void function_C(){
  24.     function_B();
  25.  
  26.     char small_array[] = {'a','b','c','d'};
  27.     strcpy(small_array, myNumbers);
  28.  
  29. }
  30.  
  31. void function_D(){
  32.     function_C();
  33. }
  34.  
  35.  
  36. void app_main(void)
  37. {
  38.     function_D();
  39.  
  40. }

error::
Assertion failed!


Program: C:\Espressif\tools\openocd-esp32\v0.11.0-esp32-20221026\openocd-esp32\bin\openocd.exe
File: ../src/flash/nor/esp_flash.c, Line 1129


Expression: sw_bp->insn_sz <= sizeof(sw_bp->insn)

Note::

Addresses are calculated correctly.

User avatar
mbratch
Posts: 303
Joined: Fri Jun 11, 2021 1:51 pm

Re: Assertion failed! esp32

Postby mbratch » Thu Nov 16, 2023 3:00 pm

I'm not sure what your question is.

The example code will overwrite the stack and cause undefined behaviour.

OsamaBillah
Posts: 3
Joined: Wed Nov 15, 2023 1:25 pm

Re: Assertion failed! esp32

Postby OsamaBillah » Thu Nov 16, 2023 3:08 pm

so basically I want to learn how bufferoverflow attack works. and for that i worte the mention code. this code first create windowoverflow and then come to underflow and then to doubleexception so that i know that overflow happend and this is what i want. but my code while debugging and when debugger comes to function_c
  1. void function_C(){
  2.     function_B();
  3.  
  4.     char small_array[] = {'a','b','c','d'};
  5.     strcpy(small_array, myNumbers);
  6.  
  7. }
it has to go to function_B so that windowoverflow happed first and then the rest. but it directly comes to thee strcpy so the other steps missed and then it give me the Assertion failed

ESP_Sprite
Posts: 9730
Joined: Thu Nov 26, 2015 4:08 am

Re: Assertion failed! esp32

Postby ESP_Sprite » Fri Nov 17, 2023 1:15 am

That's because the compiler sees a bunch of your functions do nothing or very little and inlines them or skips them alltogether. proof.

User avatar
mbratch
Posts: 303
Joined: Fri Jun 11, 2021 1:51 pm

Re: Assertion failed! esp32

Postby mbratch » Fri Nov 17, 2023 8:17 pm

ESP_Sprite wrote:
Fri Nov 17, 2023 1:15 am
That's because the compiler sees a bunch of your functions do nothing or very little and inlines them or skips them alltogether. proof.
Is there a compiler option the OP can set which turns off all the optimizations?

OsamaBillah
Posts: 3
Joined: Wed Nov 15, 2023 1:25 pm

Re: Assertion failed! esp32

Postby OsamaBillah » Fri Nov 17, 2023 8:34 pm

That's what I'm looking for. that somehow I can turns off all the optimizations. then maybe it can work.

MicroController
Posts: 1706
Joined: Mon Oct 17, 2022 7:38 pm
Location: Europe, Germany

Re: Assertion failed! esp32

Postby MicroController » Sat Nov 18, 2023 1:22 pm

asm volatile (""); makes a function look "not empty" to the compiler, and __attribute__((noinline)) reduces the chances of a function being inlined.

MicroController
Posts: 1706
Joined: Mon Oct 17, 2022 7:38 pm
Location: Europe, Germany

Re: Assertion failed! esp32

Postby MicroController » Sat Nov 18, 2023 1:31 pm

OsamaBillah wrote:
Thu Nov 16, 2023 3:08 pm
this code first create windowoverflow and then ...
The ESP32's LX6 has 64 registers and gcc uses the CALL8 ABI, so each nested function call 'uses up' only 8 of the 64 registers.

Who is online

Users browsing this forum: Baidu [Spider] and 121 guests