wrong statement on chapter 5?

Robert Connolly robert at linuxfromscratch.org
Thu Nov 15 14:41:39 PST 2007


On Thursday November 15 2007 10:36:00 am naruto canada wrote:
> hi
>
> the cocoon page has made a wrong statement or given wrong examples?
>
> gcc -o strcat-overflow strcat-overflow.c -U_FORTIFY_SOURCE
> ./strcat-overflow 2345678
> ./strcat-overflow 23456789
> ./strcat-overflow 234567890
>
> gcc -o strcat-overflow strcat-overflow.c -fno-stack-protector
> ./strcat-overflow 2345678
> ./strcat-overflow 23456789
> ./strcat-overflow 234567890
>
> gcc -o strcat-overflow strcat-overflow.c
> ./strcat-overflow 2345678
> ./strcat-overflow 23456789
> ./strcat-overflow 234567890
>
> the page states that there shouldn't be any seg faults, maybe that was
> wrong? shouldn't this flag "-fno-stack-protector" disable stack guard and
> actually cause a seg fault?

Fortify_sources catches overflows before stack protector, so -U_FORTIFY_SOURCE 
allows stack protector to be tested here. The -fno-stack-protector isn't 
really needed, the result should be the same with or without it... 
fortify_source checking will terminate the program.

If the program does a segmentation fault then something is wrong, and neither 
checking worked... the fortify_source patch for GCC probably wasn't applied. 
I'd suggest retrying with '-D_FORTIFY_SOURCE=2 -O', to see if it works 
manually.

robert

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20071115/8c2d5744/attachment.sig>


More information about the hlfs-dev mailing list