libssp abort/exit code

Robert Connolly robert at linuxfromscratch.org
Thu Jun 14 02:29:09 PDT 2007


Libssp, with Glibc and uClibc, gives an "Illegal instruction" (return code 
132) when an overflow is detected, instead of an "Aborted" (return code 134). 
This comes from the "__builtin_trap" in gcc/libssp/ssp.c.

It's ugly, but it works. GCC uses this because for their purposes it's more 
portable. I'm curious if it is safer to patch ssp.c to use 
sigfillset+sigdelset+sigprocmask, kill(getpid()), and _exit(127).

The "__builtin_trap" causes a dirty crash, while a kill and an exit is much 
cleaner. The "Illegal instruction" also confuses Bash, giving us a "write 
error: Broken pipe", depending on the program's input.

Do any of you know if either one is more vulnerable than the other?

robert
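
The two termination paths compared in the message above, as an added example that is not part of the original post or of libssp: each handler runs in a forked child and the parent reports the status a shell would show. SIGABRT as the signal passed to kill() and the reset of its disposition are assumptions, since the post names neither.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Current libssp behaviour per the post: a trap instruction. */
static void fail_trap(void) { __builtin_trap(); }

/* Alternative from the post. SIGABRT is an assumption: the post writes
 * kill(getpid()) without naming the signal. */
static void fail_abort(void)
{
    sigset_t mask;
    struct sigaction dfl;

    /* Block everything except SIGABRT so no other handler can run. */
    sigfillset(&mask);
    sigdelset(&mask, SIGABRT);
    sigprocmask(SIG_BLOCK, &mask, NULL);

    /* Assumed extra step: drop any SIGABRT handler the program installed. */
    dfl.sa_handler = SIG_DFL;
    sigemptyset(&dfl.sa_mask);
    dfl.sa_flags = 0;
    sigaction(SIGABRT, &dfl, NULL);

    kill(getpid(), SIGABRT);
    _exit(127);  /* reached only if the signal did not end the process */
}

/* Run handler in a child; return the status a shell would put in $?. */
static int shell_status(void (*handler)(void))
{
    int st;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { handler(); _exit(0); }
    if (waitpid(pid, &st, 0) < 0) return -1;
    return WIFSIGNALED(st) ? 128 + WTERMSIG(st) : WEXITSTATUS(st);
}

int main(void)
{
    printf("__builtin_trap: %d\n", shell_status(fail_trap));
    printf("kill + _exit:   %d\n", shell_status(fail_abort));
    return 0;
}
```

On x86 Linux the first line shows 132 and the second 134, the two codes quoted in the post; other architectures may raise a different signal for the trap.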