Web lists-archives.com

Re: problem with i686-w64-mingw32-gcc -fstack-protector-all




Lee wrote:
Maybe I'm just Doing It Wrong, but
   gcc -fstack-protector-all
seems to be working correctly &
   i686-w64-mingw32-gcc -fstack-protector-all
seems to be broken - eg:

$./ssp testtestx
Illegal instruction

printf's that happen before the stack over-write don't show up & no
"*** stack smashing detected ***" msg is printed before the "Illegal
instruction"
...

extern
int doit(char *s ) {
   char buf[]="12345678";
   int i=0;
   if ( *s != '\0' ) i = 1;  /* return true */
   printf("doit: s=\"%s\"   buf=\"%s\"  i=%d\n", s, buf, i );
   strcpy(buf, s);
     /* buffer overflow into return status(int i) if strlen(s) > 8 */
   printf("doit: s=\"%s\"   buf=\"%s\"  i=%d\n", s, buf, i );
   return i;
}

+ i686-w64-mingw32-gcc -c -fstack-protector-all func-ssp.c -o func-ssp.o
+ i686-w64-mingw32-gcc -c -fstack-protector-all main-ssp.c -o main-ssp.o
+ i686-w64-mingw32-gcc -static -o ssp.exe func-ssp.o main-ssp.o -lssp

BTW: There is no need to link with -lssp if the related code generation option -fstack-protector* is also used during link.


+ ./ssp.exe testtestx
./doit: line 11:  9128 Illegal instruction     ./ssp.exe testtestx
+ echo -e '\n\n'


The *** stack smashing detected *** message from MinGW runtime is only visible if stdio is attached to a Windows console.

Works for me if one more overflow char is added:

Cygwin mintty:

$ ./ssp testtestx
main: argv[1]=testtestx
doit: s="testtestx"   buf="12345678"  i=1
doit: s="testtestx"   buf="testtestx"  i=1
main: exit

$ ./ssp testtestxx
Illegal instruction


Cygwin in Windows console (cygwin.bat):

$ ./ssp testtestxx
main: argv[1]=testtestxx
doit: s="testtestxx"   buf="12345678"  i=1
doit: s="testtestxx"   buf="testtestxx"  i=1
*** stack smashing detected ***:  terminated
Illegal instruction


cmd.exe in Windows console:

C:\cygwin\tmp>.\ssp.exe testtestxx
main: argv[1]=testtestxx
doit: s="testtestxx"   buf="12345678"  i=1
doit: s="testtestxx"   buf="testtestxx"  i=1
*** stack smashing detected ***:  terminated
[Windows Message Box: Debug/Abort Program ?]


Christian


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple