stack protector only aborts in 99.5%

Lasse Kliemann lasse-hlfs-2008 at mail.plastictree.net
Sun May 4 12:36:02 PDT 2008


My setup is as mentioned in 
<20080429142027.GB6923 at lasse.mail.plastictre.net>,
hence it is not a pure HLFS setup.

Test program is the one from the book:


#include <stdio.h>
#include <stdlib.h>
#include <string.h>
static void raw(char *, size_t);
static void
raw(char *b, size_t len) {
        b[len] = '\0';
}
int
main(int argc, char *argv[])
{
        char b[10];
        size_t len = atoi(argv[1]);
        (void)strncpy(b, "0000000000", sizeof(b));
        raw(b, len);
        (void)printf("%s\n", b);
        return 0;
}


Compiled with 
  gcc -U_FORTIFY_SOURCE overflow.c -o overflow
and invoked this way:
  ./overflow 10 > out 2>&1

The file `out' is then examined. A success is if it contains the string 
'Aborted' and not the string 'segmentation fault' (case-insensitive). I did 
several 10.000 runs, and in some cases (no more then 0.5%), the outcome is 
*not* a success. But instead, the file `out' contains the output of the 
program, i.e., 0000000000.

Is this the expected behavior? Could it become a problem?

What could I try to track this down further?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20080504/b6e22a32/attachment.sig>


More information about the hlfs-dev mailing list