Re: [patch 2/5] Add the Kconfig option for the stackprotector feature

From: Thierry Vignaud
Date: Fri Jul 28 2006 - 13:54:40 EST

PaweÅ Sikora <pluto@xxxxxxxx> writes:

> gcc supports stack protection at so called tree-level (it means it's
> architecture-independent). i've just tested a simple userland-code:
> #include <stdlib.h>
> #include <string.h>
> int main()
> {
> char c;
> memset( &c, 0, 512 );
> return 0;
> }
> and stack protection works fine on {ix86,x86-64,powerpc}-linux.
> i can test it on {alpha,sparc}-linux later but i'm pretty sure
> it'll work too on these archs.

$ gcc -v
Using built-in specs.
Target: x86_64-mandriva-linux-gnu
Configured with: ../configure --prefix=/usr --libexecdir=/usr/lib --with-slibdir=/lib64 --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --enable-checking=release --enable-languages=c,c++,ada,fortran,objc,obj-c++,java --host=x86_64-mandriva-linux-gnu --with-cpu=generic --with-system-zlib --enable-long-long --enable-__cxa_atexit --enable-clocale=gnu --disable-libunwind-exceptions --enable-java-awt=gtk --with-java-home=/usr/lib/jvm/java-1.4.2-gcj- --enable-gtk-cairo --enable-ssp --disable-libssp
Thread model: posix
gcc version 4.1.1 20060724 (prerelease) (4.1.1-3mdk)
$ gcc -fstack-protector t.c
$ ./a.out
zsh: segmentation fault ./a.out

it segfaults if using "return 0" instead of "exit(0)" and only if
memset overwrote the stack

why? because, according to gcc man page, "This includes functions that
call alloca, and functions with buffers larger than 8 bytes."
once the stack is bigger, it does abort with "*** stack smashing
detected ***: <unknown> terminated" however.

thus this won't protect stacks of small functions... such as your
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at