On Wed, 2010-05-12 at 12:35 +1000, Allan McRae wrote:
> Hi,
>
> We have a bug report asking to enable stack-smashing protection in our
> package building. Looking at the overhead estimates by other distros
> that use it, overall it appears fairly minimal (OpenBSD says 1.3% on
> average). There used to be some build issues (see bottom of this page
> for Ubuntu report: https://wiki.ubuntu.com/GccSsp), but I am not sure of
> the current status. Also, it can be disabled with -fno-stack-protector
> if needed.
>
> I am in favour of doing this. I think adding -fstack-protector is
> enough as that adds protection to only functions "vulnerable" to buffer
> overflows (as defined by gcc... mainly character arrays) while
> -fstack-protector-all adds it to all functions.
>
> We should maybe also add -D_FORTIFY_SOURCE=2. This detects some buffer
> overflows compile time and others at run time. It was designed to have
> minimal runtime overhead.
>
> Any opinions?

Given the fact that GCC 4.5 produces broken binaries with software that needs -fno-strict-aliasing (busybox comes to mind, but also others), I don't think it's good to introduce such a change now. Our toolchain should get fixed before we attempt to add more features to our compiler flags.

