On Thursday November 15 2007 10:36:00 am naruto canada wrote: > hi > > the cocoon page has made a wrong statement or given wrong examples? > > gcc -o strcat-overflow strcat-overflow.c -U_FORTIFY_SOURCE > ./strcat-overflow 2345678 > ./strcat-overflow 23456789 > ./strcat-overflow 234567890 > > gcc -o strcat-overflow strcat-overflow.c -fno-stack-protector > ./strcat-overflow 2345678 > ./strcat-overflow 23456789 > ./strcat-overflow 234567890 > > gcc -o strcat-overflow strcat-overflow.c > ./strcat-overflow 2345678 > ./strcat-overflow 23456789 > ./strcat-overflow 234567890 > > the page states that there shouldn't be any seg faults, maybe that was > wrong? shouldn't this flag "-fno-stack-protector" disable stack guard and > actually cause a seg fault?
Fortify_sources catches overflows before stack protector, so -U_FORTIFY_SOURCE allows stack protector to be tested here. The -fno-stack-protector isn't really needed, the result should be the same with or without it... fortify_source checking will terminate the program. If the program does a segmentation fault then something is wrong, and neither checking worked... the fortify_source patch for GCC probably wasn't applied. I'd suggest retrying with '-D_FORTIFY_SOURCE=2 -O', to see if it works manually. robert
pgpenYMomblA4.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
