gcc stack-smashing protector (for gcc-2.95.3)

Hiroaki Etoh etoh@trl.ibm.co.jp
Thu May 17 22:24:00 GMT 2001


This patch introduces the -fstack-protector option, which is a stack-smashing
protection mechanism, to the current release (gcc-2.95.3).
This patch and new files (protector.h and protector.c) are bootstrapped
and tested on i386-pc-linux-gnu and powerpc-ibm-aix4.3.3.0.

I made a stack protected version of FreeBSD 4.2 using this patch, in
which all applications and the kernel were compiled with this flag. I also
made a stack protected version of Redhat 6.2. Some people are using
these systems without trouble and they feel its performance is
good. Both systems detect the recent buffer overflow exploits,
e.g. bind and ntpd.

Please see the web page
( http://www.trl.ibm.co.jp/projects/security/ssp/ ) for details and
what stack-smashing protection is.

Hiroaki Etoh,  Tokyo Research Laboratory, IBM Japan

2001-05-18  Hiroaki Etoh  <etoh@jp.ibm.com>

	* Add -fstack-protector option, which enables generating the stack
	protection code to detect buffer overflow and then stop its
	execution
	
	* protector.c: New file
	* protector.h: New file

	* Makefile.in: Add new file protector.c and new library member
	_stack_smash_handler in libgcc2.c
	* builtins.c (get_memory_rtx): Specify EXPAND_NORMAL as an argument of
	expand_expr in the case of using stack smashing protection
	* cse.c (cse_insn): Don't record equivalence of the register that
	duplicates a pointer in a function argument to prevent the corruption
	of buffer overflow
	* dbxout.c (dbxout_parms): Change the debug info of duplicated
	pointer argument in the case of using stack smashing protection
	* expr.c (expand_expr):  Specify ro_modifier instead of EXPAND_SUM as
	an argument of expand_expr in the case of stack smashing protection
	* function.c (assign_stack_temp_for_type, combine_temp_slots): Add the
	special handling of character buffer for the reuse of
	allocated stack space
	* function.c (put_reg_into_stack): Change the location of allocated
	stack area for the spilled-out pseudo register in the case of stack
	smashing protection
	* gcse.c (cprop_insn): Don't eliminate the register that duplicates
	a pointer in a function argument to prevent the corruption
	of buffer overflow
	* integrate.c (expand_inline_function): Specify EXPAND_NORMAL as an
	argument of expand_expr in the case of using stack smashing protection
	* libgcc2.c (__guard_setup, __stack_smash_handler): New function.
	* reload1.c (alter_reg): Change the location of allocated stack area
	for the spilled-out pseudo register in the case of
	stack smashing protection
	* toplev.c (rest_of_compilation, f_options): Add the function of
	stack smashing protection
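
The guard check that the ChangeLog summarises as "detect buffer overflow and then stop its execution" can be pictured with a hand-written simulation; this is an added example, not code from the patch or from protector.c. The names `struct frame`, `guard_value`, `guard_init` and `copy_with_guard` are hypothetical, the frame layout is an assumption for illustration, and the overflow is confined to the struct so the demo stays within defined behaviour.

```c
#include <stdio.h>
#include <string.h>

/* Simulated frame (layout is an assumption for illustration): the guard sits
   between the character buffer and the saved control data, so a linear
   overflow of buf has to cross the guard before it reaches saved_ret. */
struct frame {
    char buf[16];             /* local character buffer */
    unsigned long guard;      /* per-call copy of the process-wide guard */
    unsigned long saved_ret;  /* stand-in for the saved return address */
};

static unsigned long guard_value;  /* hypothetical process-wide guard */

/* Pick the guard once at startup: random if possible, otherwise a fixed
   value containing NUL, newline and 0xFF bytes. */
static void guard_init(void)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL || fread(&guard_value, sizeof guard_value, 1, f) != 1)
        guard_value = 0xff0a0000UL;
    if (f != NULL)
        fclose(f);
}

/* A function body with its prologue and epilogue written out by hand.
   Returns 0 when the guard is intact, 1 when the copy overwrote it. */
static int copy_with_guard(const char *src, size_t len)
{
    struct frame fr;
    fr.guard = guard_value;   /* prologue: plant the guard */
    fr.saved_ret = 0x1234UL;  /* constructed value */
    if (len > sizeof fr)      /* keep the demo inside the simulated frame */
        len = sizeof fr;
    memcpy(&fr, src, len);    /* unchecked copy starting at buf */
    /* epilogue: a real handler would report and abort rather than return */
    return fr.guard != guard_value;
}

int main(void)
{
    char big[24];
    memset(big, 'A', sizeof big);   /* constructed oversized input */
    guard_init();
    printf("6 bytes:  %s\n", copy_with_guard("hello", 6) ? "smashed" : "ok");
    printf("24 bytes: %s\n", copy_with_guard(big, sizeof big) ? "smashed" : "ok");
    return 0;
}
```
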

