Hello. Just finished basic system with all HLFS patches (glibc-2.6.1, gcc-4.2.2, binutils-2.18, amd64/multilib, dpkg as a package manager) and trying to compile and run test programs (strcpy-overflow.c, strcat-overflow.c, fgets-overflow.c)
I noticed that SSP catches stack smashing in fgets-overflow.c only when I pass 25+ in the command line: (lesser value does nothing) $ echo abcdefghijklm111111111111111111111111111 | ./fgets-overflow 25 abcdefghijklm11111111111 *** stack smashing detected ***: ./fgets-overflow terminated Aborted when fgets-overflow.c is compiled as follows: $ gcc -o fgets-overflow fgets-overflow.c -U_FORTIFY_SOURCE But when I compile it as a 32-bit program, all goes as expected: $ gcc -m32 -o fgets-overflow fgets-overflow.c -U_FORTIFY_SOURCE $ echo abcdefghijklm111111111111111111111111111 | ./fgets-overflow 11 abcdefghij *** stack smashing detected ***: ./fgets-overflow terminated Aborted Some data alignment? // wbr, Fix
pgpxTjrEfDrkp.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
