gcc stack-smashing protector (for gcc-2.95.3)
Hiroaki Etoh
etoh@trl.ibm.co.jp
Thu May 17 22:24:00 GMT 2001
This patch introduces the -fstack-protector option, which is a
stack-smashing protection mechanism, to the current release (gcc-2.95.3).

This patch and the new files (protector.h and protector.c) are bootstrapped
and tested on i386-pc-linux-gnu and powerpc-ibm-aix4.3.3.0.

I made a stack protected version of FreeBSD 4.2 using this patch, in
which all applications and the kernel were compiled with this flag. I also
made a stack protected version of Redhat 6.2. Some people are using
these systems without trouble and they feel the performance is
good. Both systems detect the recent buffer overflow exploits,
e.g. bind and ntpd.

Please see the web page
( http://www.trl.ibm.co.jp/projects/security/ssp/ ) for details and
for what stack-smashing protection is.

Hiroaki Etoh, Tokyo Research Laboratory, IBM Japan
2001-05-18 Hiroaki Etoh <etoh@jp.ibm.com>

* Add -fstack-protector option, which enables generating the stack
  protection code to detect buffer overflow and then stop its
  execution
* protector.c: New file
* protector.h: New file
* Makefile.in: Add new file protector.c and new library member
  _stack_smash_handler in libgcc2.c
* builtins.c (get_memory_rtx): Specify EXPAND_NORMAL as an argument of
  expand_expr in the case of using stack smashing protection
* cse.c (cse_insn): Don't record equivalence of the register that
  duplicates a pointer in a function argument to prevent the corruption
  of buffer overflow
* dbxout.c (dbxout_parms): Change the debug info of duplicated
  pointer argument in the case of using stack smashing protection
* expr.c (expand_expr): Specify ro_modifier instead of EXPAND_SUM as
  an argument of expand_expr in the case of stack smashing protection
* function.c (assign_stack_temp_for_type, combine_temp_slots): Add the
  special handling of character buffer for the reuse of
  allocated stack space
* function.c (put_reg_into_stack): Change the location of allocated
  stack area for the spilled-out pseudo register in the case of stack
  smashing protection
* gcse.c (cprop_insn): Don't eliminate the register that duplicates
  a pointer in a function argument to prevent the corruption
  of buffer overflow
* integrate.c (expand_inline_function): Specify EXPAND_NORMAL as an
  argument of expand_expr in the case of using stack smashing protection
* libgcc2.c (__guard_setup, __stack_smash_handler): New functions.
* reload1.c (alter_reg): Change the location of allocated stack area
  for the spilled-out pseudo register in the case of
  stack smashing protection
* toplev.c (rest_of_compilation, f_options): Add the function of
  stack smashing protection