stack protector only aborts in 99.5%
robert at linuxfromscratch.org
Sat May 10 15:53:27 PDT 2008
The test programs could be improved to exploit the overflow rather than crash
The Libsafe test suite can also be used, and PaX's, to give you more diverse
tests, and to check that Glibc is doing it's job. They're more clear about
what is vulnerable and what is not.
On Saturday May 10 2008 06:40:07 pm Robert Connolly wrote:
> I did notice that Glibc needs more to overflow than Libssp. NetBSD's tests
> for Libssp work as-is with GCC's Libssp, but for Glibc I needed to add
> several more characters to overflow the test programs. I never checked why,
> and have no idea why.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: not available
More information about the hlfs-dev