[PATCH] Fix Stack Smashing Protector to protect functions with wchar_t arrays

Stefan Schulze Frielinghaus stefan@seekline.net
Sun Oct 19 05:51:00 GMT 2008


On Fri, 2008-09-26 at 19:34 +0200, Stefan Schulze Frielinghaus wrote:
> On Thu, 2008-09-25 at 14:45 -0700, Andrew Pinski wrote:
> > On Thu, Sep 25, 2008 at 7:58 AM, Stefan Schulze Frielinghaus
> > <stefan@seekline.net> wrote:
> > >
> > > On Wed, 2008-09-24 at 11:22 -0700, Andrew Thomas Pinski wrote:
> > >> You cannot include c-common.h in the cfgexpand.c as some languages
> > >> don't implement anything in c-common.h.
> > >
> > > Couldn't we move the wchar defines to tree.h too?
> > > Then we wouldn't need to include the c-common.h file.
> > > But I'm really not sure if that's the right way because I don't know how
> > > the integer_type_kind enum is used. See attached patch.
> > 
> > Also I don't think this will work for C code where wchar_t is a
> > typedef.

Yeah right. But SSP won't detect e.g. the following:

struct { int a, b, c; } buf;
strcpy ((char*)&buf, ">>>buffer overflow<<<");

It's just best practices. If you have a piece of code you don't trust
you may want to use -fstack-protector-all. SSP won't be perfect. But
with the attached patch there is some chance that GCC will detect some
arrays and protect them.

> What about the new UTF-16 and UTF-16 types too?
> 
> Sure, these ones would need to be protected too. I'm not aware of how
> they are constructed so I can't say that much about them. I will have a
> look at them this weekend.

Like the same with wchar_t. See attached patch.

> 
> > So if I read your patch and the code correctly this is so
> > -fstack-protect does the same for wchar_t and char
> > arrays, correct? 
> 
> Yes. This was my intention.
> 
> > I wonder why we make char arrays as special anyways.
> >  Seems like any integer arrays should be handled the same way.
> 
> There was some discussion about this too. In the end the decision was to
> only protect functions with character arrays. Because the overhead would
> be too high to protect also integer arrays and so. I _guess_ that
> statistically more character arrays (aka strings) overflow than
> integer/float arrays. If you want to protect all functions (nevertheless
> if they include an array of any type or not) use -fstack-protector-all
> 
> In the end the previous attached patch should solve the gap between
> protecting functions with character arrays and wide character arrays.
> 
> cheers
> Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gcc.patch
Type: text/x-patch
Size: 2644 bytes
Desc: not available
URL: <http://gcc.gnu.org/pipermail/gcc-patches/attachments/20081019/82c1aa9d/attachment.bin>

