Anders Hanssen <[EMAIL PROTECTED]> writes:
> A look at the generated code confirms it does not use ssp for overrun()
>
> void
> overrun(const char *str)
> {
> int x;
> char a[4];
> int y;
>
> strcpy(a, str);
> printf("hi");
> }
>
> # gcc -S -fstack-protector test.c
Use -fstack-protector-all instead.
> Anyway, I don't know why gcc fail to see that overrun() needs
> protection.
Because you didn't RTFM...
DES
--
Dag-Erling Smørgrav - [EMAIL PROTECTED]
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
