This is the mail archive of the
gcc-bugs@gcc.gnu.org
mailing list for the GCC project.
[Bug middle-end/23221] New: -fstack-protector does not protect tail call functions
- From: "drepper at redhat dot com" <gcc-bugzilla at gcc dot gnu dot org>
- To: gcc-bugs at gcc dot gnu dot org
- Date: 3 Aug 2005 22:38:38 -0000
- Subject: [Bug middle-end/23221] New: -fstack-protector does not protect tail call functions
- Reply-to: gcc-bugzilla at gcc dot gnu dot org
Compiling this little bit of code with -fstack-protector-all
  extern int foo (int);
  int bar (int a, int b)
  {
    return foo (a + b);
  }
produces on x86-64 the following object code:
   0:   01 f7                   add    %esi,%edi
   2:   64 48 8b 04 25 28 00    mov    %fs:0x28,%rax
   9:   00 00
   b:   48 89 44 24 f8          mov    %rax,0xfffffffffffffff8(%rsp)
  10:   31 c0                   xor    %eax,%eax
  12:   e9 00 00 00 00          jmpq   17 <bar+0x17>
The canary is set up but not tested. Before the jump to the next function the
value must be checked. This also applies to -fstack-protector (with appropriate
input) and to all architectures.
--
Summary: -fstack-protector does not protect tail call functions
Product: gcc
Version: 4.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: middle-end
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: drepper at redhat dot com
CC: gcc-bugs at gcc dot gnu dot org
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=23221
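
One way to audit a build for the pattern in this report, as an added example that is not part of the original message or of GCC: it scans objdump-style x86-64 listings for functions that load the guard from %fs:0x28 and then leave through a ret or a tail-call jmp with no comparison against the guard. The names parse, unchecked_exits and audit are hypothetical, the "checked" function is constructed, and the scan follows listing order rather than control flow, so it is a heuristic.

```python
import re

# Constructed input: the report's listing under an added <bar> header, then a
# hand-written function that tests the guard (objdump --no-show-raw-insn style).
SAMPLE = """\
0000000000000000 <bar>:
   0: 01 f7                 add %esi,%edi
   2: 64 48 8b 04 25 28 00  mov %fs:0x28,%rax
   9: 00 00
   b: 48 89 44 24 f8        mov %rax,0xfffffffffffffff8(%rsp)
  10: 31 c0                 xor %eax,%eax
  12: e9 00 00 00 00        jmpq 17 <bar+0x17>
0000000000000020 <checked>:
  20: mov %fs:0x28,%rax
  29: mov %rax,-0x8(%rsp)
  2e: xor %fs:0x28,%rax
  37: jne 3a <checked+0x1a>
  39: retq
"""

FUNC = re.compile(r"^[0-9a-f]+ <([^>]+)>:")
INSN = re.compile(r"^\s*([0-9a-f]+):\s+(?:[0-9a-f]{2}(?:\s+|$))*(.*)$")
CANARY = "%fs:0x28"   # guard slot used on x86-64, as in the report's listing

def parse(listing):
    """Return {function: [(address, instruction text), ...]}."""
    funcs, cur = {}, None
    for line in listing.splitlines():
        if m := FUNC.match(line):
            cur = funcs.setdefault(m.group(1), [])
        elif cur is not None and (m := INSN.match(line)) and m.group(2):
            cur.append((int(m.group(1), 16), m.group(2).strip()))  # skips byte-only lines
    return funcs

def unchecked_exits(insns):
    """Exits reached, in listing order, after a guard load with no guard test."""
    inside = {addr for addr, _ in insns}
    loaded, checked, bad = False, False, []
    for addr, text in insns:
        op, _, args = text.partition(" ")
        loaded |= CANARY in args and op.startswith("mov")
        checked |= CANARY in args and not op.startswith("mov")  # xor/sub/cmp on guard
        target = re.match(r"\s*([0-9a-f]+)\b", args)
        # A direct jmp to an address that is not an instruction here is a tail call.
        tail = op.startswith("jmp") and target and int(target.group(1), 16) not in inside
        if (op.startswith("ret") or tail) and loaded and not checked:
            bad.append((addr, text))
    return bad

def audit(listing):
    return {name: unchecked_exits(insns) for name, insns in parse(listing).items()}
```

Indirect jumps (jmp *%rax) are not treated as exits here, since jump tables would produce false positives.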