For reasons I'm not aware of, Glibc allows buffer checking to go over the mark. I assume they are aware of it, but I have not checked into it. Libssp is more strict.
robert

On Saturday January 3 2009 10:50:18 am thorsten wrote:
> Hello there,
>
> this is a bit off-topic, however if someone could point me in the right
> direction, I would appreciate it.
>
> I am trying to build a toolchain based on the HLFS-SVN-20080603 (the
> last html-version) but with updated packages according to LFS 6.4. Which
> means:
>
> gcc-4.3.2
> binutils-2.18
> glibc-2.8-20080929
>
> So far, everything worked like a charm, however while testing my
> butterfly toolchain there seems to be some problem with fortify source:
>
> the fgets-overflow works like expected:
> echo abcdefghijklm | ./fgets-overflow 14
> *** buffer overflow detected ***: ./fgets-overflow terminated
> ======= Backtrace: [...]
>
> however the strcpy-overflow does not:
>
> cat > strcpy-overflow.c << "EOF"
> > #include <string.h>
> > int main()
> > {
> > char buf[2];
> > strcpy(buf,"12345");
> > return 0;
> > }
> > EOF
>
> root:~# gcc -o strcpy-overflow strcpy-overflow.c -static -L/usr/lib/static
> root:~#
>
> [ there is no warning about overflowing the buffer while compiling ]
>
> ./strcpy-overflow
> *** stack smashing detected ***: ./strcpy-overflow terminated
> ======= Backtrace: [ ...]
>
> and the overflow seems to be detected by ssp, not fortify source.
> even compiling with
> gcc -o strcpy-overflow strcpy-overflow.c -static -L/usr/lib/static -Wall
> -Wextra -D_FORTIFY_SOURCE=2
> gives the same results.
>
> I disabled libssp in the gcc build, since glibc provides it. Could this
> be the reason? Or is gcc-4.3 the problem?
>
> I attached gcc -dumpspecs for info...
>
> thanks, thorsten
--
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
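
As an added illustration (not part of the original thread, and not glibc's code), here is a simplified C model of the destination-size check that fortify source relies on, applied to the strcpy test case quoted above. `model_strcpy_chk`, `SIZE_UNKNOWN` and the result codes are hypothetical names; the model returns a status instead of aborting and skips the copy when no size is known.

```c
#include <stddef.h>
#include <string.h>

/* __builtin_object_size() yields (size_t)-1 for types 0 and 1 when the
   compiler cannot determine the destination size. */
#define SIZE_UNKNOWN ((size_t)-1)

enum copy_result { COPY_OK, COPY_UNCHECKED, COPY_OVERFLOW };

/* Hypothetical model of a fortified strcpy; dstsize is the object size the
   compiler would pass in. Returns a status instead of aborting. */
static enum copy_result model_strcpy_chk(char *dst, size_t dstsize,
                                         const char *src)
{
    size_t need = strlen(src) + 1;   /* bytes written, including the NUL */

    /* No size to compare against: the length check cannot run, which
       leaves only the stack protector. The model skips the copy here. */
    if (dstsize == SIZE_UNKNOWN)
        return COPY_UNCHECKED;
    if (need > dstsize)
        return COPY_OVERFLOW;        /* a fortified build aborts here */
    memcpy(dst, src, need);
    return COPY_OK;
}

/* The test case from the message: char buf[2] and "12345". */
static enum copy_result demo_known_size(void)
{
    char buf[2];
    return model_strcpy_chk(buf, sizeof buf, "12345");
}

static enum copy_result demo_unknown_size(void)
{
    char buf[2];
    return model_strcpy_chk(buf, SIZE_UNKNOWN, "12345");
}

/* Let the compiler supply the size; the outcome depends on whether it
   resolves the object size in this build. */
static enum copy_result demo_compiler_size(void)
{
    char buf[2];
    return model_strcpy_chk(buf, __builtin_object_size(buf, 1), "12345");
}

int main(void)
{
    return !(demo_known_size() == COPY_OVERFLOW &&
             demo_unknown_size() == COPY_UNCHECKED);
}
```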