initial commit

compile-run.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+gcc -fPIC -shared -o pico8-fill-in.so pico8-fill-in.c && LD_PRELOAD="/usr/lib64/libc.so ./pico8-fill-in.so" ~/pico8/pico8_dyn -windowed 1

pico8-fill-in.c

@@ -0,0 +1,127 @@
+// pico8-fill-in.c // 16.11.2020 04:02
+
+#include <stddef.h>
+#include <stdio.h>
+#include <setjmp.h>
+#include <string.h>
+#include <stdarg.h>
+
+// https://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/libc---strcpy-chk-1.html
+// TODO: actually check for overflows
+char * __strcpy_chk(char * dest, const char * src, size_t destlen) {
+	char *d = dest;
+
+	//printf("FUCK STRCPY %s :::: %s\n", src, dest);
+
+	while (*src != '\0') {
+		*d++ = *src++;
+	}
+	*d++ = *src++;
+	//printf("STRCPY FINAL %s\n", dest);
+
+	return dest;
+}
+
+// https://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/libc---stpcpy-chk-1.html
+char * __stpcpy_chk(char * dest, const char * src, size_t destlen) {
+
+	printf("FUCK STPCPY %s :::: %s\n", src, dest);
+
+	return stpcpy(dest, src);
+}
+
+// https://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/libc---strncpy-chk-1.html
+char * __strncpy_chk(char * dest, const char * src, size_t n, size_t dest_1len) {
+
+	printf("FUCK STRNCPY %s :::: %s\n", src, dest);
+
+	return strncpy(dest, src, n);
+}
+
+// https://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/libc---strcat-chk-1.html
+// TODO: There's some good info being dumped here
+char * __strcat_chk(char * dest, const char * src, size_t destlen) {
+	//printf("!!! strcat %s :::: %s\n", src, dest);
+
+	char *res = strncat(dest, src, destlen);
+	
+	return res;
+}
+
+// https://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/libc---memcpy-chk-1.html
+void * __memcpy_chk(void * dest, const void * src, size_t len, size_t destlen) {
+
+	//puts("FUCK MEMCPY \n");
+
+	return memcpy(dest, src, len);
+}
+
+// https://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/libc---memset-chk-1.html
+void * __memset_chk(void * dest, int c, size_t len, size_t destlen) {
+
+	puts("FUCK MEMSET\n");
+
+	return memset(dest, c, len);
+}
+
+// https://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/libc---printf-chk-1.html
+int __printf_chk(int flag, const char * format, ...) {
+	va_list args;
+
+	//printf("\nPRINTF\n");
+
+	va_start(args, format);
+	int ret = vprintf(format, args);
+	va_end(args);
+
+	return ret;
+}
+
+// https://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/libc---fprintf-chk-1.htm
+int __fprintf_chk(FILE * stream, int flag, const char * format, ...) {
+	va_list args;
+
+	//printf("\nFPRINTF\n");
+
+	va_start(args, format);
+	int ret = vfprintf(stream, format, args);
+	va_end(args);
+
+	return ret;
+}
+
+// https://refspecs.linuxbase.org/LSB_4.1.0/LSB-Core-generic/LSB-Core-generic/libc---sprintf-chk-1.html
+// TODO: some intresting info
+int __sprintf_chk(char * str, int flag, size_t strlen, const char * format, ...) {
+	va_list args;
+
+	//printf("!!!ORIGINAL %s\n", str);
+
+	va_start(args, format);
+	// int ret = vsnprintf(str, strlen, format, args);
+	// TOOD: Look more into the nature of this function getting passed a -1
+	// strlen and how else it might be mitigated ?
+	int ret = vsprintf(str, format, args);
+	va_end(args);
+
+	//printf("!!! sprintf !!!ADR:%p !!!STRLEN:%i !!!RET::%i !!!FORMAT::%s\n!!!OUTPUT::%s\n", str, strlen, ret, format, str);
+
+	return ret;
+}
+
+void __longjmp_chk () {
+	// puts("FUCK LONG JMP\n");
+	asm("pop %rbp");
+	goto *(&longjmp);
+}
+
+void __fread_chk () {
+	// asm ("pop %rbp");
+	puts("FUCK FREAD\n");
+	// stub
+}
+
+
+
+
+