Summary: | gcc-4.3.3 - fstack-protector not default | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | barthek <gejzer> |
Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
Status: | RESOLVED INVALID | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
barthek
2009-02-06 14:00:20 UTC
This is known and not a bug at this time. The gcc:4 hardened support does not include ssp at this time. It will most likely include ssp before being marked stable for hardened. hi solar, just wanted to clear sth up - in the gcc ive emerged (hardened) the stack protector is implemented, its just not enabled by default. x@x ~/src $ gcc -o exp exp.c x@x ~/src $ ./exp hehe Killed (this is where pax kicks in) x@x ~/src $ gcc -fstack-protector -o exp exp.c x@x ~/src $ ./exp hehe *** stack smashing detected ***: exp - terminated exp: stack smashing attack in function <unknown> - terminated Report to http://bugs.gentoo.org/ Killed x@x ~/src $ gcc -v Reading specs from /usr/lib/gcc/i686-pc-linux-gnu/4.3.3/specs Target: i686-pc-linux-gnu Configured with: /home/portagetmp/portage/sys-devel/gcc-4.3.3/work/gcc-4.3.3/configure --prefix=/usr --bindir=/usr/i686-pc-linux-gnu/gcc-bin/4.3.3 --includedir=/usr/lib/gcc/i686-pc-linux-gnu/4.3.3/include --datadir=/usr/share/gcc-data/i686-pc-linux-gnu/4.3.3 --mandir=/usr/share/gcc-data/i686-pc-linux-gnu/4.3.3/man --infodir=/usr/share/gcc-data/i686-pc-linux-gnu/4.3.3/info --with-gxx-include-dir=/usr/lib/gcc/i686-pc-linux-gnu/4.3.3/include/g++-v4 --host=i686-pc-linux-gnu --build=i686-pc-linux-gnu --disable-altivec --disable-fixed-point --disable-nls --with-system-zlib --disable-checking --disable-werror --enable-secureplt --disable-multilib --disable-libmudflap --disable-libssp --disable-libgomp --enable-cld --disable-libgcj --with-arch=i686 --enable-languages=c,c++,treelang --enable-shared --enable-threads=posix --enable-__cxa_atexit --enable-clocale=gnu --with-bugurl=http://bugs.gentoo.org/ --with-pkgversion='Gentoo 4.3.3 p1.0, pie-10.1.5' Thread model: posix gcc version 4.3.3 (Gentoo 4.3.3 p1.0, pie-10.1.5) |