another SSP bug? (Re: userland ppp ("No context" errors))

YONETANI Tomokazu qhwt+dfly at les.ath.cx
Mon Jun 19 05:15:15 PDT 2006


On Mon, Jun 19, 2006 at 01:30:51PM +0200, joerg at xxxxxxxxxxxxxxxxx wrote:
> On Mon, Jun 19, 2006 at 07:06:40PM +0900, YONETANI Tomokazu wrote:
> > This seems like another stack-smash-protector bug and still lives
> > in our compiler, only triggered when you use -O(s|[2-9]) flags AND
> > -march flag (which defaults to pentiumpro) .
> 
> -march or -mcpu? The former is certainly not default and can trigger a
> variety of bugs.

Sorry, the default is -mtune, but both -march=pentiumpro and
-mtune=pentiumpro can trigger the bug (and the compiler complained
that -mcpu is deprecated).

> > If you do one of the following, the problem disappears:
> >  - add -fno-stack-smash-protector to CFLAGS
> >  - change prefix[] in function FindExec() shown below to a static array
> >    so that there's no char array in the local parameter. A char array of
> >    size more than 8 bytes on the stack can trigger the bug.
> 
> Well, under 8 byte the stack protection would not be active.

I have almost zero knowledge of how stack protector works, but
does it only care about char arrays of size greater than 8 bytes
(8 bytes was ok)?  I also tried int[] and double[], but none of them
did it.
