It looks like the stack-clash detection is getting tripped up on optimization:
ubuntu@stensal-disco-server-amd64:~$ gcc -O2 -o stack-clash -fstack-clash-protection stack-clash.c ubuntu@stensal-disco-server-amd64:~$ ./hardening-check ./stack-clash ./stack-clash: Position Independent Executable: yes Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: yes Immediate binding: yes Stack clash protection: no, not found! ubuntu@stensal-disco-server-amd64:~$ gcc -o stack-clash -fstack-clash-protection stack-clash.c ubuntu@stensal-disco-server-amd64:~$ ./hardening-check ./stack-clash ./stack-clash: Position Independent Executable: yes Stack protected: yes Fortify Source functions: no, only unprotected functions found! Read-only relocations: yes Immediate binding: yes Stack clash protection: yes -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1820798 Title: hardening-check: add support for detecting stack clash protected binaries To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/devscripts/+bug/1820798/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
