jeremysinger · josephproject1 · Nov 8, 2023 · Nov 8, 2023 · Nov 8, 2023 · Nov 9, 2023
diff --git a/ApplicationCompartmentalization.c b/ApplicationCompartmentalization.c
@@ -0,0 +1,45 @@
+#include<cheri.h>
+#include<stdio.h>
+
+void componentA(){
+
+char buffer[128];
+
+//Assume cap_A is a capability  for component A's memory
+
+_capability char* buffer_cap = cheri_setbounds(buffer, sizeof(buffer));
+
+gets(buffer_cap); //protected by componentA's capability
+
+printf("componentA : You entered : %s\n", buffer);
+
+}
+
+void componentB (){
+
+int secret_data =42;
+
+//Assume cap_B is a capability for component B's memory
+
+// componentB has no access to componentA's memory 
+
+
+
+_capability int* secret_data_cap = cheri_setbounds(&secret_data, sizeof(secret_data));
+
+printf("componentB secret data is %d\n", *secret_data_cap);
+
+}
+
+int main() {
+
+// component A and component B are isolated with separate capabilities 
+
+componentA();
+componentB();
+
+return 0;
+
+} 
+
+
diff --git a/CHERIIn-Address-Space-Protection.c b/CHERIIn-Address-Space-Protection.c
@@ -0,0 +1,41 @@
+#include<cheri.h>
+
+struct capData {
+
+char data[100];
+
+};
+
+void component1(){
+
+struct capData* sharedData =(struct capData*)cheri_malloc(sizeof(struct capData));
+
+strcpy(sharedData->data, "Data from component1");
+
+//.. some code to pass sharedData to component2
+
+}
+
+//component2
+
+void component2(struct capData* sharedData) {
+
+printf("component2 read: %s\n",sharedData ->data);
+
+}
+
+int main() {
+
+
+struct capData* sharedData = NULL;
+
+component1(&sharedData);
+component2(sharedData);//ensures that capability restricts access
+
+cheri_free(sharedData);
+
+return 0;
+
+}
+
+
diff --git a/CHERIProvenanceOfPointer.c b/CHERIProvenanceOfPointer.c
@@ -0,0 +1,22 @@
+#include<cheri.h>
+#include<stdio.h>
+
+int main(){
+
+int myArray[10];
+
+int *ptr = &myArray[0]; // storing the pointer as a capability
+
+//perform a capability safe operation  - accessing a valid element 
+
+int myValue = *ptr; 
+
+// access within bounds
+
+int *new_ptr = ptr + 5; 
+
+printf("valid value : %d\n", myValue); 
+
+return 0;
+
+}
diff --git a/CHERISecureEncapsulation.c b/CHERISecureEncapsulation.c
@@ -0,0 +1,52 @@
+#include<cheri.h>
+#include<stdio.h>
+#include<string.h>
+
+struct Student{
+
+char name[100]; 
+
+int age;
+
+};
+
+//component1
+
+void component1(void* studentCapability){
+
+struct Student* student = cheri_setbounds(studentCapability,sizeof(struct Student));
+
+strcpy(student->name,"Alice");
+
+student->age=20;
+
+}
+
+//component2
+
+void component2(void* studentCapability){
+
+struct Student* student = cheri_setbounds(studentCapability,sizeof(struct Student));
+
+printf("componet2 reads: Name: %s, Age: %d\n", student->name, student->age);
+
+}
+
+int main (){
+
+//memory allocation for the student data 
+
+struct Student sharedStudent;
+
+void* studentCapability = cheri_setbounds(&sharedStudent,sizeof(struct Student));
+
+//components use capability to access the shared student data
+
+component1(studentCapability);
+component2(studentCapability);
+
+return 0;
+
+}
+
+
diff --git a/CHERIcapabilitySweepingRevocation.c b/CHERIcapabilitySweepingRevocation.c
@@ -0,0 +1,47 @@
+#include<cheri.h>
+#include<stdio.h>
+int main() {
+
+//create a capability to a memory region 
+
+int data[10] = {0};
+
+cheri_object data_cap;
+
+data_cap = cheri_build_data_cap(data, sizeof(data), CHERI_PERM_LOAD|CHERI_PERM_STORE);
+
+//read and write access capability
+
+int* cap_ptr = cheri_cast(int*, data_cap);
+
+//read and write data 
+
+cap_ptr[0] = 42; 
+
+int value = cap_ptr[0];
+
+printf("initial value: %d\n", value);
+
+//let's simulate a security breach or a vulnerability detection 
+
+//decide to revoke or write access to the memory region 
+
+cheri_set_perms(&data_cap,CHERI_PERM_LOAD);//revoke write permissions
+
+//attempting to write after revoking triggers an exception 
+
+//uncommenting this line would trigger a capability violation exception 
+
+//cap_ptr[1]=99;
+
+//however,read access remains allowed 
+
+int read_value = cap_ptr[1];
+
+printf("read only value: %d\n", read_value);
+
+return 0; 
+
+
+}
+
diff --git a/ExploitingBufferOverflow.c b/ExploitingBufferOverflow.c
@@ -0,0 +1,38 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+int foo(char *str)
+
+{
+
+char buffer[100];
+
+/* The following statement has a buffer overflow problem */
+
+strcpy(buffer, str);
+
+return 1;
+
+
+}
+
+
+int main(int argc, char **argv)
+
+{
+
+char str[300];
+
+FILE *riskfile;
+
+riskfile = fopen("riskfile", "r");
+
+fread(str, sizeof(char), 300, riskfile);
+
+foo(str);
+
+printf("returned \n");
+
+return 1;
+}
diff --git a/LackofSecureEncapsulationIssue.c b/LackofSecureEncapsulationIssue.c
@@ -0,0 +1,51 @@
+#include<stdio.h>
+#include<stdlib.h>
+
+struct Student {
+
+char name[100];
+
+int age;
+
+};
+
+struct Student* create_student(char name*, int age);
+
+struct Student* student = (struct Student*)malloc(sizeof(struct Student));
+
+if(student){
+
+strcpy(student->name, name);
+
+student->age = age; 
+
+}
+
+return student; 
+
+}
+
+int main() {
+
+struct Student* student1 = create_student("Alice", 20);
+
+struct Student* student2 = create_student("Bob", 22);
+
+//unintentional access to students data (no encapsulation)
+
+printf("student1: %s,%d\n", student2->name, student2->age);
+
+free(student1);
+free(student2);
+
+return 0;
+
+}
+
+
+
+
+
+
+
+
diff --git a/LacksSingleInAddressSpaceProtection.c b/LacksSingleInAddressSpaceProtection.c
@@ -0,0 +1,30 @@
+#include<stdio.h>
+#include<string.h>
+
+char sharedData[100];
+
+//component1
+void component1(){
+
+strcpy(sharedData, "Data from component1");
+
+}
+
+//component2
+void component2(){
+
+printf("component2 reads: %s\n", sharedData);
+
+}
+
+int main(){
+
+component1();
+
+component2();
+
+return 0;
+
+}
+
+
diff --git a/MorelloPreventionofAnotherStackMachineBufferOverflowExample2.rst b/MorelloPreventionofAnotherStackMachineBufferOverflowExample2.rst
@@ -0,0 +1,34 @@
+===============================================
+"StackMachineBufferOverflowDetection" Example
+===============================================
+
+Buffer Overflow Protection 
+--------------------------
+For stack-based buffer overflow attackers or adversaries, need to modify the return address. 
+This means, if we can detect this modification before returning from a f(x) we can prevent it. There are different ways to achieve this
+1. We can store a copy of the return address not on the stack, so that it cannot be overwitten via a buffer overflow
+2. We can put a protection or a countermeasure strategy between a return address and the buffer 
+
+N.B Though we are not implementing any of those measures, Morello detects this vulnerability, terminates and prevents it 
+
+
+.. code-block:: C
+    /*
+     Buffer overflow detection 
+   */
+    #include <stdio.h>
+    #include <stdlib.h>
+
+   void foo(char *str)
+   {
+   char buffer[12];
+   /* Buffer Overflow Vulnerability */
+   strcpy(buffer, str);
+   }
+   int main(int argc, char *argv[])
+   {
+   foo(argv[1]);
+   printf("returned \n\n");
+   return 0;
+   }
+Morello detects buffer overflow again in this program and terminates it