HLFS/amd64

Kevin Day thekevinday at gmail.com
Sun Oct 21 08:07:26 PDT 2007


On 10/20/07, Fix <4d876b82 at gmail.com> wrote:
> Hello.
>
> Just finished basic system with all HLFS patches  (glibc-2.6.1, gcc-4.2.2, binutils-2.18, amd64/multilib, dpkg
> as a package manager) and trying to compile and run test programs (strcpy-overflow.c, strcat-overflow.c,
> fgets-overflow.c)
>
> I noticed that SSP catches stack smashing in fgets-overflow.c only when I pass 25+ in the command line:
> (lesser value does nothing)
> $ echo abcdefghijklm111111111111111111111111111 | ./fgets-overflow 25
> abcdefghijklm11111111111
> *** stack smashing detected ***: ./fgets-overflow terminated
> Aborted
>
> when fgets-overflow.c is compiled as follows:
> $ gcc -o fgets-overflow fgets-overflow.c -U_FORTIFY_SOURCE
>
> But when I compile it as a 32-bit program, all goes as expected:
> $ gcc -m32 -o fgets-overflow fgets-overflow.c -U_FORTIFY_SOURCE
> $ echo abcdefghijklm111111111111111111111111111 | ./fgets-overflow 11
> abcdefghij
> *** stack smashing detected ***: ./fgets-overflow terminated
> Aborted
>
> Some data alignment?
>
>
> // wbr,
> Fix
>

Well, now that is interesting, considering that this happens under
gcc-3.4.x, but not gcc-4.1.x.  So gcc-4.2.x brought the problem back?

Or perhaps it was something to do with using the uClibc ssp vs the gcc
ssp. I cannot seem to precisely remember, myself.

-- 
Kevin Day



More information about the hlfs-dev mailing list