On 12/05/10 17:29, Thomas Bächler wrote:
> On 12.05.2010 09:15, Allan McRae wrote:
>> On 12/05/10 16:49, Jan de Groot wrote:
>>> On Wed, 2010-05-12 at 12:35 +1000, Allan McRae wrote:
>>>> Hi,
>>>>
>>>> We have a bug report asking to enable stack-smashing protection in our
>>>> package building. Looking at the overhead estimates by other distros
>>>> that use it, overall it appears fairly minimal (OpenBSD says 1.3% on
>>>> average). There used to be some build issues (see bottom of this page
>>>> for Ubuntu report: https://wiki.ubuntu.com/GccSsp), but I am not sure of
>>>> the current status. Also, it can be disabled with -fno-stack-protector
>>>> if needed.
>>>>
>>>> I am in favour of doing this. I think adding -fstack-protector is
>>>> enough as that adds protection to only functions "vulnerable" to buffer
>>>> overflows (as defined by gcc... mainly character arrays) while
>>>> -fstack-protector-all adds it to all functions.
>>>>
>>>> We should maybe also add -D_FORTIFY_SOURCE=2. This detects some buffer
>>>> overflows at compile time and others at run time. It was designed to have
>>>> minimal runtime overhead.
>>>>
>>>> Any opinions?
>>>
>>> Given the fact that GCC 4.5 produces broken binaries with software that
>>> needs -fno-strict-aliasing (busybox comes to mind, but also others), I
>>> don't think it's good to introduce such a change now. Our toolchain
>>> should get fixed before we attempt to add more features to our compiler
>>> flags.
>>
>> There is a fix on the gcc bug tracker but I am waiting for it to be
>> backported to gcc-4.5. If it has not been done by the next toolchain
>> rebuild (I expect in the next week), I will backport it myself.
>
> Yeah, but there's even more breakage in busybox as you might have
> noticed, unrelated to that fix.

Honestly, if I wanted comments about gcc and busybox, the subject of
this email would have been something like "busybox build issues with
gcc-4.5". And then I would have scolded myself for not using the bug
tracker.
Can I just have comments on the proposed CFLAGS?
Allan
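
The flags proposed in the thread interact: for GCC `-f`/`-fno-` options and `-D`/`-U` macros the last occurrence on the command line wins, and glibc only activates `_FORTIFY_SOURCE` when optimization is enabled. The following is an added example, not part of the original thread or of any Arch tooling; `audit_cflags` is a hypothetical helper and the CFLAGS strings are constructed samples.

```shell
#!/bin/sh
# Added example: report which of the discussed hardening flags a CFLAGS
# string actually leaves in effect after later flags override earlier ones.
audit_cflags() (
    # Body runs in a subshell, so these variables do not leak to the caller.
    ssp=off; fortify=0; opt=0
    # Word splitting of $1 is intentional: one flag per iteration.
    for flag in $1; do
        case "$flag" in
            -fstack-protector)     ssp=default ;;  # only functions gcc deems vulnerable
            -fstack-protector-all) ssp=all ;;      # every function
            -fno-stack-protector)  ssp=off ;;      # per-package opt-out
            -D_FORTIFY_SOURCE=*)   fortify=${flag#-D_FORTIFY_SOURCE=} ;;
            -D_FORTIFY_SOURCE)     fortify=1 ;;    # -Dname defines name as 1
            -U_FORTIFY_SOURCE)     fortify=0 ;;
            -O0)                   opt=0 ;;
            -O*)                   opt=1 ;;        # -O, -O1, -O2, -Os, ...
        esac
    done
    # Without optimization the fortified wrappers are not used.
    if [ "$fortify" != 0 ] && [ "$opt" = 0 ]; then
        fortify="${fortify}(inactive: no -O)"
    fi
    echo "ssp=$ssp fortify=$fortify"
)

# Constructed sample CFLAGS, not taken from any real makepkg.conf:
base="-O2 -pipe"
audit_cflags "$base"
audit_cflags "$base -fstack-protector -D_FORTIFY_SOURCE=2"
# A package that appends its own opt-out after the distribution defaults:
audit_cflags "$base -fstack-protector -D_FORTIFY_SOURCE=2 -fno-stack-protector"
# A debug build that drops optimization and silently loses the fortify checks:
audit_cflags "$base -fstack-protector-all -D_FORTIFY_SOURCE=2 -O0"
```

Run against the effective CFLAGS of a build, this shows whether a package has overridden the distribution-wide defaults.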