$ cc -v Using built-in specs. Target: i686-pc-linux-gnu Configured with: ./configure --prefix=/gcc Thread model: posix gcc version 4.3.3 (GCC) $ echo 'void f(void) { char buf[50]; g(buf); }' > 1.c $ echo 'void f(void) { int buf[50]; g(buf); }' > 2.c $ cc -fstack-protector -c 1.c # protects $ cc -fstack-protector -c 2.c # does not protect $ objdump -d 1.o 1.o: file format elf32-i386 Disassembly of section .text: 00000000 <f>: 0: 55 push %ebp 1: 89 e5 mov %esp,%ebp 3: 83 ec 48 sub $0x48,%esp 6: 65 a1 14 00 00 00 mov %gs:0x14,%eax c: 89 45 fc mov %eax,-0x4(%ebp) f: 31 c0 xor %eax,%eax 11: 8d 45 ca lea -0x36(%ebp),%eax 14: 89 04 24 mov %eax,(%esp) 17: e8 fc ff ff ff call 18 <f+0x18> 1c: 8b 45 fc mov -0x4(%ebp),%eax 1f: 65 33 05 14 00 00 00 xor %gs:0x14,%eax 26: 74 05 je 2d <f+0x2d> 28: e8 fc ff ff ff call 29 <f+0x29> 2d: c9 leave 2e: c3 ret $ objdump -d 2.o 2.o: file format elf32-i386 Disassembly of section .text: 00000000 <f>: 0: 55 push %ebp 1: 89 e5 mov %esp,%ebp 3: 81 ec d8 00 00 00 sub $0xd8,%esp 9: 8d 85 38 ff ff ff lea -0xc8(%ebp),%eax f: 89 04 24 mov %eax,(%esp) 12: e8 fc ff ff ff call 13 <f+0x13> 17: c9 leave 18: c3 ret $
http://gcc.gnu.org/onlinedocs/gcc-4.3.3/gcc/Optimize-Options.html#index-fstack_002dprotector-764 Hmm: Emit extra code to check for buffer overflows, such as stack smashing attacks. This is done by adding a guard variable to functions with vulnerable objects. This includes functions that call alloca, and functions with buffers larger than 8 bytes. Maybe it should say character buffers rather than just buffers here.
(In reply to Andrew Pinski from comment #1) > > Maybe it should say character buffers rather than just buffers here. Yeah, that would help clarify stuff a lot... the term "buffer" is kind of ambiguous as it currently stands, which makes it hard to know how exactly how to deal with warnings from "-Wstack-protector"... I had been trying messing with other sorts of buffers besides character buffers before reading this...
Someone brought this up on the gcc-help mailing list here: https://gcc.gnu.org/ml/gcc-help/2017-10/msg00134.html