fortify source question

Robert Connolly robert at linuxfromscratch.org
Wed Jan 14 13:44:28 PST 2009


For reasons I'm not aware of, Glibc allows buffer checking to go over the 
mark. I assume they are aware of it, but I have not checked into it. Libssp 
is more strict.

robert

On Saturday January 3 2009 10:50:18 am thorsten wrote:
> Hello there,
>
> this is a bit off-topic, however if someone could point me in the right
> direction, I would appreciate it.
>
> I am trying to build a toolchain based on the HLFS-SVN-20080603 (the
> last html-version) but with updated packages according to LFS 6.4. Which
> means:
>
> gcc-4.3.2
> binutils-2.18
> glibc-2.8-20080929
>
> So far, everything worked like a charm, however while testing my
> butterfly toolchain there seems to be some problem with fortify source:
>
> the fgets-overflow works like expected:
>  echo abcdefghijklm | ./fgets-overflow 14
> *** buffer overflow detected ***: ./fgets-overflow terminated
> ======= Backtrace:  [...]
>
> however the strcpy-overflow does not:
>
>  cat > strcpy-overflow.c << "EOF"
> #include <string.h>
> int main()
> {
>  char buf[2];
>  strcpy(buf,"12345");
>  return 0;
> }
> EOF
>
> root:~# gcc -o strcpy-overflow strcpy-overflow.c -static -L/usr/lib/static
> root:~#
>
> [ there is no warning about overflowing the buffer while compiling ]
>
> ./strcpy-overflow
> *** stack smashing detected ***: ./strcpy-overflow terminated
> ======= Backtrace:  [ ...]
>
> and the overflow seems to be detected by ssp, not fortify source.
> even compiling with
> gcc -o strcpy-overflow strcpy-overflow.c -static -L/usr/lib/static -Wall
> -Wextra -D_FORTIFY_SOURCE=2
> gives the same results.
>
> I disabled libssp in the gcc build, since glibc provides it. Could this
> be the reason? Or is gcc-4.3 the problem?
>
> I attached gcc -dumpspecs for info...
>
> thanks, thorsten
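
The following is an added example, not code from either poster or from glibc. It reports whether fortification is active in a translation unit (glibc's headers leave __USE_FORTIFY_LEVEL at 0 unless the compiler is optimising, and the gcc command lines quoted above pass no -O flag) and models the size check a fortified strcpy performs. The names fortify_level, optimizing and checked_strcpy are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Effective fortify level of this translation unit. glibc's <features.h>
 * defines __USE_FORTIFY_LEVEL; other C libraries may not define it. */
int fortify_level(void)
{
#ifdef __USE_FORTIFY_LEVEL
    return __USE_FORTIFY_LEVEL;
#else
    return 0;
#endif
}

/* 1 if the compiler was invoked with optimisation (-O1 or higher). */
int optimizing(void)
{
#ifdef __OPTIMIZE__
    return 1;
#else
    return 0;
#endif
}

/* Model of the check behind a fortified strcpy (hypothetical helper).
 * dst_size is the value __builtin_object_size() gave for the destination;
 * (size_t)-1 means "unknown to the compiler", so no check is possible. */
int checked_strcpy(char *dst, size_t dst_size, const char *src)
{
    size_t need = strlen(src) + 1;          /* bytes strcpy would write */
    if (dst_size != (size_t)-1 && need > dst_size)
        return -1;  /* the real wrapper aborts: "buffer overflow detected" */
    memcpy(dst, src, need);
    return 0;
}

int main(void)
{
    char buf[2];      /* the buffer from the test program quoted above */
    char store[16];   /* constructed: large enough that the demo never overflows */
    size_t seen = __builtin_object_size(buf, 1);   /* what the compiler knows */
    printf("optimizing=%d fortify_level=%d\n", optimizing(), fortify_level());
    printf("object size seen for buf: %zu\n", seen);
    printf("copy of \"12345\": %d\n", checked_strcpy(store, seen, "12345"));
    return 0;
}
```

Build it once as plain `gcc file.c` and once with `-O2 -D_FORTIFY_SOURCE=2` to compare the reported level.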

