tests in 5.9. cocoon toolchain

Petr Cerny peterph at centrum.cz
Wed Feb 13 09:27:51 PST 2008


Robert Connolly wrote:
> On Tuesday February 12 2008 11:20:57 am Petr Cerny wrote:
>> Hi,
>>
>> I'm a little bit confused by the section of important tests in 5.9.
>> (Version SVN-20080118) - should:
>>
>> $gcc -o strcat-overflow strcat-overflow.c -U_FORTIFY_SOURCE
>>
>> really produce stack-smashing-protected binary (as indicated by stated
>> output)? I'd rather expect it producing a non-protected program, which
>> is exactly what happens for my build (not by-the-book as I'm trying
>> x86-64).
> 
> The -U_FORTIFY_SOURCE does not disable stack protection. If the program does a 
> segmentation fault then ssp isn't on by default for you. Retry 
> with -fstack-protector-all just to see if it works. I don't think you applied 
> the gcc-fstack_protector patch. The ssp patch should work for every 
> architecture (the fpie patch probably doesn't work for x86-64).

Thanks for prompt answer. Meanwhile, I've made myself clear the 
difference between ssp and _FORTIFY_SOURCE - which was the cause of 
misunderstanfing in this case. The stack-smashing protector works for me 
in 64bit binary however, I had to supply the test program much longer 
string (about 25bytes) - maybe stack is differently organized or aligned 
on x86-64 or some additional registers get stored between the canary and 
the string?

As for the fpie patch: is there some (simple) way to test whether it 
works for x86-64? (It will probably require some update as there are 
some sections which modify only "32bit parts" of gcc).

Best regards
	Petr



More information about the hlfs-dev mailing list