This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.
Re: Could we harden GCC's stack smashing? (Re: Adam Zabrocki's Adventure with stack smashing protection)
- From: Ian Lance Taylor <iant at google dot com>
- To: Steven Stewart-Gallus <sstewartgallus00 at mylangara dot bc dot ca>
- Cc: GCC Development <gcc at gcc dot gnu dot org>
- Date: Sat, 29 Mar 2014 13:03:10 -0700
- Subject: Re: Could we harden GCC's stack smashing? (Re: Adam Zabrocki's Adventure with stack smashing protection)
- Authentication-results: sourceware.org; auth=none
- References: <fae4ed9524428 dot 53370871 at langara dot bc dot ca>
On Sat, Mar 29, 2014 at 10:52 AM, Steven Stewart-Gallus <sstewartgallus00@mylangara.bc.ca> wrote:
>
> Adam Zabrocki's Adventure with stack smashing protection at
> (http://blog.pi3.com.pl/?p=485) is kind of interesting. It lists some possible
> weaknesses in GCC's -fstack-protector. Given that the weaknesses happen when the
> stack has already been smashed, I do not think they are critical, but they do bug
> me. I think that the issues happen due to the fundamental problem with the
> approach that GCC's reporting method is taking. Instead of dealing with the
> messed up state of the process it could exec a whole new process or simply
> abort. We could also actually raise our own SIGSEGV signal. I coded up a small
> illustration of how the exec strategy would work.
Thanks. The code in question is actually part of glibc, not GCC. All
GCC does is call __stack_chk_fail. You may want to take your concerns
to the glibc developers; see http://sourceware.org/glibc.
GCC does have its own copy of __stack_chk_fail in libssp, but it's
simpler than the glibc version.
Ian