Re: ProPolice/SSP in 7.0


On Fri, Dec 28, 2007 at 08:20:20PM -0600, Mike Silbersack wrote:
Since the subject came up, I just tried using it, and it's not giving me the
results I expected. Take the following program:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

void overrun(void);

int main(void)

void overrun(void)
int x;
char a[4];
int y;

strcpy(a, "ABCDE");

If I compile it like so:
cc -g -fstack-protector-all overrun.c

The overrun is detected and the program is aborted.
Abort (core dumped)

But if I compile it like so:
cc -g -fstack-protector overrun.c

The overrun is not caught.

Either I'm doing something wrong, or we have gcc misconfigured and it's not
detecting that strcpy is a function which needs to be watched closedly.

Actually, you did nothing wrong. Except maybe not wasting time to look
at GCC info page ;).

% `-fstack-protector'
% Emit extra code to check for buffer overflows, such as stack
% smashing attacks. This is done by adding a guard variable to
% functions with vulnerable objects. This includes functions that
% call alloca, and functions with buffers larger than 8 bytes. The
% guards are initialized when a function is entered and then checked
% when the function exits. If a guard check fails, an error message
% is printed and the program exits.

I believed it was possible to customize this threshold (I'm pretty sure
I've already seen such an option in some patch floating around GCC
community) but a quick glance a the source shows it is not possible

Jeremie Le Hen
< jeremie at le-hen dot org >< ttz at chchile dot org >
freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"