ssp effectiveness

Frank Ianella fjianella at gmail.com
Mon Jul 14 15:36:44 PDT 2008


Hello all,

I recently finished a build of the uclibc-SVN-20080603 book. The tests
at the ends of both the cocoon and butterfly toolchains were the same
as indicated in the book.

Googling around, I came across a debian page with an ssp test program.
Compiling and running this code with hlfs-uclibc gcc resulted in a
segfault. I also built a glibc version of the hlfs up to chapter 5 and
retested the above. The result was the same. The url is:

http://www.debian-administration.org/articles/408

According to the book: If there is a "Segmentation Fault" anywhere,
then something is not right.

Any idea's on why this program is not aborted. It seems that this
would be an an easy exploit.

Many thanks,

-Frank



More information about the hlfs-dev mailing list