yugr / DirtyFrame

A prototype tool to provoke uninitialized data errors by filling stack frames with garbage in the prologue


What's this?

DirtyFrame (formerly StackWipe, StackRandomizer) is a prototype tool which tries to provoke uninitialized data errors by filling stack frames with garbage before and after executing functions.

The results are negative so I believe the approach isn't viable.
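As an added illustration of the approach (not DirtyFrame's own code), the following Python rewrites GCC's x86_64 AT&T-syntax assembly so that every statically allocated frame is overwritten with a fixed byte right after the prologue's subq. It assumes the wrapper sits between the compiler and the assembler and that frames are allocated with an immediate subq, so red-zone leaf functions and alloca/VLA frames are left untouched.

```python
from __future__ import annotations
import re

# Matches a static frame allocation in GCC's AT&T output, e.g. "\tsubq\t$48, %rsp".
# Dynamic allocations (subq %rax, %rsp) do not match and are deliberately skipped.
SUB_RSP = re.compile(r"^\s*subq\s+\$(\d+),\s*%rsp\s*$")
FILL_BYTE = 0xAA  # recognisable "garbage"; anything that is not the usual 0 will do

def fill_sequence(frame_size: int) -> list[str]:
    """Instructions that overwrite the frame_size bytes just allocated below
    %rsp with FILL_BYTE. The three pushes save the registers the fill clobbers,
    so 24(%rsp) is the original %rsp. push/pop/lea/mov/stos leave EFLAGS alone,
    and the SysV ABI guarantees DF=0 on entry, so `rep stosb` counts upwards."""
    return [
        "\tpushq\t%rdi",
        "\tpushq\t%rcx",
        "\tpushq\t%rax",
        "\tleaq\t24(%rsp), %rdi",
        f"\tmovl\t${frame_size}, %ecx",
        f"\tmovb\t${FILL_BYTE:#x}, %al",
        "\trep stosb",
        "\tpopq\t%rax",
        "\tpopq\t%rcx",
        "\tpopq\t%rdi",
    ]

def instrument(asm: str) -> tuple[str, int]:
    """Insert a frame fill after every static `subq $N, %rsp`.
    Returns the rewritten assembly and the number of frames instrumented."""
    out, count = [], 0
    for line in asm.splitlines():
        out.append(line)
        m = SUB_RSP.match(line)
        if m:
            out.extend(fill_sequence(int(m.group(1))))
            count += 1
    return "\n".join(out) + "\n", count

# Constructed sample: f has a 48-byte frame and reads a local it never wrote
# (after instrumentation that read yields 0xAAAAAAAA); g is a red-zone leaf
# function with no subq, so it is not instrumented.
SAMPLE_ASM = (
    "f:\n\tpushq\t%rbp\n\tmovq\t%rsp, %rbp\n\tsubq\t$48, %rsp\n"
    "\tmovl\t-4(%rbp), %eax\n\tleave\n\tret\n"
    "g:\n\tmovl\t$1, -4(%rsp)\n\tmovl\t-4(%rsp), %eax\n\tret\n"
)

if __name__ == "__main__":
    rewritten, n = instrument(SAMPLE_ASM)
    print(f"instrumented {n} frame(s)\n{rewritten}")
```

The filled frame is only visible to code that reads a local before writing it, which is exactly the defect class the tool tries to surface; a value of 0xAAAAAAAA in a crash or test failure is the signal to look for.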

How to run

The tool is implemented as a thin wrapper around GCC. You can build it via make all (generated files will be stored in $SRC/out).

To use it with a standard Autoconf project, simply override the CC and CXX variables:

~/src/gnutls-3.5.9/configure CC=$SRC/out/bin/rancc CXX=$SRC/out/bin/ran++

In the general case you can use the fake GCC wrapper by putting it first in PATH:

PATH=$SRC/out/fake-gcc:$PATH make

To print diagnostic info during execution, export RANAS_VERBOSE=1 (higher levels are available too). To abort on warnings, export RANAS_STRICT=1.

Results

The tool didn't find anything in the standard test suites of

  • libsndfile
  • ffmpeg
  • openssl
  • tiff
  • libpng
  • libarchive
  • sqlite
  • bzip2
  • libexpat

and the first 500 packages of the Debian package rating, so I believe it's not very useful.

Limitations and todo

The tool is only meant to be a prototype, so it has lots of limitations. The most prominent are

  • only supports x86_64
  • code is ugly

License: MIT License
