On Sat, Mar 29, 2014 at 10:52 AM, Steven Stewart-Gallus
<sstewartgallu...@mylangara.bc.ca> wrote:
>
> Adam Zabrocki's Adventure with stack smashing protection at
> (http://blog.pi3.com.pl/?p=485) is kind of interesting. It lists some
> possible weaknesses in GCC's -fstack-protector. Given that the weaknesses
> happen when the stack has already been smashed I do not think they are
> critical but they do bug me. I think that the issues happen due to the
> fundamental problem with the approach that GCC's reporting method is taking.
> Instead of dealing with the messed up state of the process it could exec a
> whole new process or simply abort. We could also actually raise our own
> SIGSEGV signal. I coded up a small illustration of how the exec strategy
> would work.

Thanks.  The code in question is actually part of glibc, not GCC.  All
GCC does is call __stack_chk_fail.  You may want to take your concerns
to the glibc developers--see http://sourceware.org/glibc.

GCC does have its own copy of __stack_chk_fail in libssp, but it's
simpler than the glibc version.

Ian
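
The following is an added illustration of the point Steven raises, not his own
code (his illustration is not included in the thread) and not glibc's or
libssp's __stack_chk_fail. It models what -fstack-protector does in a frame
(a guard word placed directly above a fixed buffer, checked before the frame is
left) and pairs it with a fail-fast reporting routine that treats the process
state as untrusted: only async-signal-safe calls, no stdio, heap, environment
lookups or atexit handlers, then _exit or a default-action SIGSEGV. The names
fail_fast, fail_via_sigsegv, model_frame, demo_copy and the DEMO_CANARY value
are all constructed for this example; a real build gets a random per-process
canary from the loader.

```c
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>

/* Constructed guard value for the model below (a real build gets a random
 * per-process canary from the loader).  Keeping the lowest byte zero, as glibc
 * does on little-endian targets, stops NUL-terminated string copies from
 * overwriting the guard byte-for-byte without also truncating the string. */
#define DEMO_CANARY ((uintptr_t)0x5a3c9e00u)

typedef void (*fail_fn)(void);

/* Fail-fast handler in the spirit of the abort/exec suggestion: the process
 * state is untrusted, so use only async-signal-safe calls (no stdio, no heap,
 * no environment lookups, no atexit handlers) and leave immediately. */
static void fail_fast(void)
{
    static const char msg[] = "*** stack smashing detected: terminated ***\n";
    (void)!write(STDERR_FILENO, msg, sizeof msg - 1);
    _exit(127);
}

/* Same idea, but reports through a default-action SIGSEGV so the failure is
 * recorded as a crash (core dump, crash handlers) instead of an orderly exit. */
static void fail_via_sigsegv(void)
{
    signal(SIGSEGV, SIG_DFL);
    raise(SIGSEGV);
    _exit(127); /* only reached if SIGSEGV was blocked */
}

/* Hand-written model of a protected frame: a fixed buffer with the guard word
 * placed directly above it, checked in the epilogue before the frame is left. */
struct frame {
    char buf[16];
    uintptr_t guard;
};

/* Copies n bytes into the frame with no bounds check (this models the bug the
 * protector is meant to catch), then runs the guard check.  Returns 1 if the
 * guard is intact and 0 if it was clobbered; on_fail is invoked before
 * returning 0 so a harness can observe the report without the process exiting. */
int model_frame(const unsigned char *src, size_t n, fail_fn on_fail)
{
    struct frame f;
    f.guard = DEMO_CANARY;
    if (n > sizeof f)
        n = sizeof f;
    memcpy(&f, src, n); /* bytes 16.. land on f.guard */
    if (f.guard != DEMO_CANARY) {
        if (on_fail)
            on_fail();
        return 0;
    }
    return 1;
}

static int fail_calls;
static void count_fail(void) { fail_calls++; }

/* Drives model_frame with n bytes of 'A' (constructed input) and a counting
 * handler, so the guard-check outcome can be inspected as a return value. */
int demo_copy(size_t n)
{
    unsigned char in[64];
    memset(in, 'A', sizeof in);
    if (n > sizeof in)
        n = sizeof in;
    fail_calls = 0;
    return model_frame(in, n, count_fail);
}

int demo_fail_count(void) { return fail_calls; }

int main(int argc, char **argv)
{
    (void)argv;
    /* Any argument selects the SIGSEGV reporting style instead of _exit. */
    fail_fn handler = argc > 1 ? fail_via_sigsegv : fail_fast;

    /* 8 bytes fit inside the buffer; 24 bytes run through the guard. */
    if (!demo_copy(8))
        handler();
    if (!demo_copy(24))
        handler(); /* this one fires and the process stops here */
    return 0;
}
```

Run stand-alone, the program exits 127 after the oversized copy (or dies with
SIGSEGV when given any argument). The point of fail_fast is what it does not
do: nothing in it depends on memory, environment or handlers that the overflow
may already have reached, which is the property Steven is asking the reporting
path to have.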
