HLFS/amd64

Fix 4d876b82 at gmail.com
Sun Oct 21 09:25:03 PDT 2007


> Well, now that is interesting, considering that this happens under
> gcc-3.4.x, but not gcc-4.1.x.  So gcc-4.2.x brought the problem back?

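#!/bin/sh
# For each array length 1..200, find the shortest input that makes the test program fail.
for i in $(seq 1 200); do
        # Build with _LENGTH_ defined as $i and _FORTIFY_SOURCE undefined.
        gcc -o fgets-overflow fgets-overflow.c -U_FORTIFY_SOURCE -D_LENGTH_=$i >/dev/null 2>&1
        s=x
        # Grow the input one character at a time until the program exits non-zero.
        while echo "$s" | ./fgets-overflow ${#s} >/dev/null 2>&1; do
                s=${s}x
        done
        # Columns: _LENGTH_, input length at first failure, difference.
        echo $i ${#s} $((${#s} - ${i}))
done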

$ ./test.sh | awk '{print $3}' | sort -unr | head -n1
16

So the biggest difference between array length and length needed to catch stack smashing is 16.

// wbr,
Fix
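
Added example, not part of the original message and not the fgets-overflow.c used above (that file is not shown in the thread): a self-contained C probe that measures the same gap for one array length by running each unchecked fgets() in a child process. The names read_unchecked, probe, first_detected_slack and MAX_SLACK are assumptions; it assumes a POSIX system and a gcc with the stack protector enabled (by default or via -fstack-protector-all).

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef _LENGTH_
#define _LENGTH_ 16        /* same macro the script sets with -D_LENGTH_=$i */
#endif
#define MAX_SLACK 256      /* assumed upper bound on how far past the array to probe */

/* Deliberately unchecked: fgets() trusts `size`, so it can store up to
 * size-1 characters plus the NUL into the _LENGTH_-byte buffer. */
__attribute__((noinline)) size_t read_unchecked(FILE *in, int size)
{
    char buf[_LENGTH_];
    if (fgets(buf, size, in) == NULL)
        return 0;
    return strlen(buf);
}

/* Run one read of `size` bytes in a child process. Returns 0 on a clean exit,
 * the signal number if the child was killed (SIGABRT when the stack protector
 * fires, typically SIGSEGV without it), or -1 on setup errors. */
int probe(int size)
{
    int status = 0;
    FILE *in = tmpfile();              /* constructed input: `size` 'x' characters */
    if (in == NULL)
        return -1;
    for (int i = 0; i < size; i++)
        fputc('x', in);
    rewind(in);                        /* flushes, so the child sees the data */
    pid_t pid = fork();
    if (pid == 0) {
        read_unchecked(in, size);
        _exit(0);
    }
    int failed = (pid < 0 || waitpid(pid, &status, 0) < 0);
    fclose(in);
    if (failed)
        return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : WEXITSTATUS(status);
}

/* Smallest number of bytes written past the array at which the child dies, or -1. */
int first_detected_slack(void)
{
    for (int over = 1; over <= MAX_SLACK; over++)
        if (probe(_LENGTH_ + over) > 0)
            return over;
    return -1;
}

int main(void)
{
    printf("%d %d\n", _LENGTH_, first_detected_slack());
    return 0;
}
```

Rebuilding with a different -D_LENGTH_ value and comparing the second column gives a per-length view of how many bytes past the array are written before the failure is caught.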