Bug 56046

Summary: the buffer overflow can escape from the stack protection in 64-bit linux system
Product: gcc Reporter: CocooWang <ws0520>
Component: middle-end Assignee: Not yet assigned to anyone <unassigned>
Status: UNCONFIRMED ---    
Severity: normal    
Priority: P3    
Version: 4.6.3   
Target Milestone: ---   
Host: Target:
Build: Known to work:
Known to fail: Last reconfirmed:
Attachments: the bug code

Description CocooWang 2013-01-19 13:40:19 UTC
Created attachment 29219
the bug code

system version: 64-bit Ubuntu 12.04 LTS
gcc version: 4.6.3
options: gcc source.c -o source
When compiling and running a program with an error which will cause a buffer overflow, the compiler cannot detect it.
The program below compiles and runs correctly on my system (it also works on my friend's system, which is not Ubuntu but has gcc version 4.5.0):
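#include <stdio.h>
#include <string.h>
int main(void)	/* lines marked "assumed" are missing from this page and are reconstructed from the description */
{
	const char *a="123456789abcdef";
	char b[10];
	int i=0;
	strcpy(b,a);		/* assumed: writes 16 bytes (15 + NUL) into the 10-byte array */
	i=(int)strlen(b);	/* assumed */
	printf("%s,%d",b,i);	/* assumed: produces the reported output */
	return 0;
}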
I attempt to copy a string whose length is 15 to an array whose length is 10, and it compiles and runs correctly. The output is "123456789abcdef,15".
P.S. This will not succeed on a 32-bit Linux system.
Comment 1 CocooWang 2013-01-19 13:54:22 UTC
My friends test my code in CentOS!
Comment 2 Andreas Schwab 2013-01-19 16:16:08 UTC
The stack protection code cannot guarantee to detect every error.
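
A model of the point made in comment 2, added here as an example and not taken from the report or from GCC: a canary comparison only notices writes that actually reach the canary. The frame layout, the slot sizes, the canary value and the helper name copy_and_check are assumptions for illustration; the real layout is chosen by the compiler.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a protected frame, not GCC's real layout:
 * [ buf: BUF_LEN bytes ][ slack up to slot_size ][ canary: 8 bytes ] */
#define BUF_LEN   10
#define FRAME_LEN 64
static const uint64_t CANARY = 0x00c0ffee5afe0a0dULL; /* constructed value */

enum verdict { NO_OVERFLOW, OVERFLOW_MISSED, OVERFLOW_DETECTED, BAD_LAYOUT };

/* Hypothetical helper: copy src (with its NUL) to the start of a frame whose
 * canary sits at offset slot_size, then compare the canary the way a
 * protected function's epilogue does. The copy is clamped to the model
 * frame so the demonstration itself never writes out of bounds. */
enum verdict copy_and_check(const char *src, size_t slot_size)
{
    unsigned char frame[FRAME_LEN] = {0};
    uint64_t seen;
    size_t n = strlen(src) + 1;

    if (slot_size < BUF_LEN || slot_size > FRAME_LEN - sizeof CANARY)
        return BAD_LAYOUT;
    memcpy(frame + slot_size, &CANARY, sizeof CANARY);  /* prologue */
    if (n > FRAME_LEN)
        n = FRAME_LEN;
    memcpy(frame, src, n);                              /* unchecked copy */
    memcpy(&seen, frame + slot_size, sizeof seen);      /* epilogue check */

    if (seen != CANARY)
        return OVERFLOW_DETECTED;
    return n > BUF_LEN ? OVERFLOW_MISSED : NO_OVERFLOW;
}

int main(void)
{
    static const char *names[] = { "no overflow", "overflow missed",
                                   "overflow detected", "bad layout" };
    const char *a = "123456789abcdef";  /* the 15-character string from the report */

    printf("canary at 16: %s\n", names[copy_and_check(a, 16)]);
    printf("canary at 10: %s\n", names[copy_and_check(a, 10)]);
    printf("canary at 16, 31 chars: %s\n",
           names[copy_and_check("123456789abcdef123456789abcdef0", 16)]);
    return 0;
}
```

Checks that compare the write length with the destination's size, such as glibc's _FORTIFY_SOURCE (which needs optimization enabled), can catch the "overflow missed" case because they do not depend on the write reaching a canary.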