Lee wrote:
Maybe I'm just Doing It Wrong, but
gcc -fstack-protector-all
seems to be working correctly &
i686-w64-mingw32-gcc -fstack-protector-all
seems to be broken - eg:
$./ssp testtestx
Illegal instruction
printf's that happen before the stack over-write don't show up & no
"*** stack smashing detected ***" msg is printed before the "Illegal
instruction"
...
extern
int doit(char *s ) {
char buf[]="12345678";
int i=0;
if ( *s != '\0' ) i = 1; /* return true */
printf("doit: s=\"%s\" buf=\"%s\" i=%d\n", s, buf, i );
strcpy(buf, s);
/* buffer overflow into return status(int i) if strlen(s) > 8 */
printf("doit: s=\"%s\" buf=\"%s\" i=%d\n", s, buf, i );
return i;
}
+ i686-w64-mingw32-gcc -c -fstack-protector-all func-ssp.c -o func-ssp.o
+ i686-w64-mingw32-gcc -c -fstack-protector-all main-ssp.c -o main-ssp.o
+ i686-w64-mingw32-gcc -static -o ssp.exe func-ssp.o main-ssp.o -lssp
BTW: There is no need to link with -lssp if the related code generation
option -fstack-protector* is also used during link.
+ ./ssp.exe testtestx
./doit: line 11: 9128 Illegal instruction ./ssp.exe testtestx
+ echo -e '\n\n'
The *** stack smashing detected *** message from MinGW runtime is only
visible if stdio is attached to a Windows console.
Works for me if one more overflow char is added:
Cygwin mintty:
$ ./ssp testtestx
main: argv[1]=testtestx
doit: s="testtestx" buf="12345678" i=1
doit: s="testtestx" buf="testtestx" i=1
main: exit
$ ./ssp testtestxx
Illegal instruction
Cygwin in Windows console (cygwin.bat):
$ ./ssp testtestxx
main: argv[1]=testtestxx
doit: s="testtestxx" buf="12345678" i=1
doit: s="testtestxx" buf="testtestxx" i=1
*** stack smashing detected ***: terminated
Illegal instruction
cmd.exe in Windows console:
C:\cygwin\tmp>.\ssp.exe testtestxx
main: argv[1]=testtestxx
doit: s="testtestxx" buf="12345678" i=1
doit: s="testtestxx" buf="testtestxx" i=1
*** stack smashing detected ***: terminated
[Windows Message Box: Debug/Abort Program ?]
Christian
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple