In the original ProPolice that the gcc 4.1 stack smash protection was derived from, a stack smash would illicit a message similar to:
*** Stack smashing detected in function vuln() in source file net.c!!! Aborted Examining the current source, the following code exists: void __stack_chk_fail (void) { const char *msg = "*** stack smashing detected ***: "; fail (msg, strlen (msg), "stack smashing detected: terminated"); } This winds out with: *** stack smashing detected ***: ./usr/lib/foxsrt/test/ssp_smash terminated Unfortunately it seems this now can't be (cleanly) fixed without breaking existing stack smash protected code. The only way to allow old behavior is to add ANOTHER external function to libssp. One possible would be: void __stack_chk_fail2 (char *fctn, char *srcfile, void *damage) { const char *msg = "*** stack smashing detected ***:"; /*Allocate: "%s %s:%s (damage: 0x%p) ",msg,srcfile,fctn,damage*/ int msg2len = strlen (msg) + strlen (fctn) + strlen (srcfile) + sizeof(void*)*2 + 17; char *msg2 = alloca (msg2len); snprintf (msg2, msg2len, "%s %s:%s (damage: 0x%p) ", msg, srcfile, fctn, damage); /* Not necessary, assuming %p doesn't spit out extra characters...*/ msg2[msg2len - 1] = '\0'; fail (msg2, strlen (msg2), "stack smashing detected: terminated"); } The emitted code would then have to call the following in case of a detected stack smash: __stack_chk_fail2(__FUNC__, __FILE__, __guard); Where __FUNC__ is the function name, __FILE__ is the source file, and __guard is the canary value in the function (which is now damaged). The nice thing about doing something like this is that the programmer does not have to pull out a debugger and try to reproduce stack smashing scenarios and do a stack trace to figure out where the bug is. This is especially helpful when an end user produces a bug report, because the bug report can say right there, "Stack smash in bad_code.c:vuln_function()" and the programmer can go right there and look through everything that the buffer is passed to and everything he does with it to see what he messed up. The overhead of this is an extra reference to __FILE__ and __FUNC__, which may be generated inline or point to existing copies of those strings in the object. The cost at runtime is only seen when a stack smash occurs. Total, the program should get a few bytes bigger (if alignment doesn't fuzz that out) and shouldn't run any slower, so nobody should care. -- Summary: Stack smash protection non-verbose Product: gcc Version: 4.1.1 Status: UNCONFIRMED Severity: normal Priority: P3 Component: c AssignedTo: unassigned at gcc dot gnu dot org ReportedBy: nigelenki at comcast dot net http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28328