Web lists-archives.com

Re: problem with i686-w64-mingw32-gcc -fstack-protector-all




On 10/4/17, Christian Franke   wrote:
> Lee wrote:
>> Maybe I'm just Doing It Wrong, but
>>    gcc -fstack-protector-all
>> seems to be working correctly &
>>    i686-w64-mingw32-gcc -fstack-protector-all
>> seems to be broken - eg:
>>
>> $./ssp testtestx
>> Illegal instruction
>>
>> printf's that happen before the stack over-write don't show up & no
>> "*** stack smashing detected ***" msg is printed before the "Illegal
>> instruction"
>> ...
>>
>> extern
>> int doit(char *s ) {
>>    char buf[]="12345678";
>>    int i=0;
>>    if ( *s != '\0' ) i = 1;  /* return true */
>>    printf("doit: s=\"%s\"   buf=\"%s\"  i=%d\n", s, buf, i );
>>    strcpy(buf, s);
>>      /* buffer overflow into return status(int i) if strlen(s) > 8 */
>>    printf("doit: s=\"%s\"   buf=\"%s\"  i=%d\n", s, buf, i );
>>    return i;
>> }
>>
>> + i686-w64-mingw32-gcc -c -fstack-protector-all func-ssp.c -o func-ssp.o
>> + i686-w64-mingw32-gcc -c -fstack-protector-all main-ssp.c -o main-ssp.o
>> + i686-w64-mingw32-gcc -static -o ssp.exe func-ssp.o main-ssp.o -lssp
>
> BTW: There is no need to link with -lssp if the related code generation
> option -fstack-protector* is also used during link.

Thanks for that!
I would have never guessed that a compile-time switch would have an
effect if all you're doing is linking.


>> + ./ssp.exe testtestx
>> ./doit: line 11:  9128 Illegal instruction     ./ssp.exe testtestx
>> + echo -e '\n\n'
>>
>
> The *** stack smashing detected *** message from MinGW runtime is only
> visible if stdio is attached to a Windows console.

Yes!
But even after re-reading https://github.com/mintty/mintty/wiki/Tips &
https://github.com/mintty/mintty/issues/56  I'm still missing why _no_
output is displayed before the 'Illegal instruction' output line.
Without a stack overflow I see:
$ ./ssp test
main: argv[1]=test
doit: s="test"   buf="12345678"  i=1
doit: s="test"   buf="test"  i=1
main: exit

so it seems like I should have gotten at least the first two lines of output.

> Works for me if one more overflow char is added:
>
> Cygwin mintty:
>
> $ ./ssp testtestx
> main: argv[1]=testtestx
> doit: s="testtestx"   buf="12345678"  i=1
> doit: s="testtestx"   buf="testtestx"  i=1
> main: exit

Interesting.  I have Windows 10 & i686-w64-mingw32-gcc (GCC) 6.3.0   you?


> $ ./ssp testtestxx
> Illegal instruction
>
>
> Cygwin in Windows console (cygwin.bat):
>
> $ ./ssp testtestxx
> main: argv[1]=testtestxx
> doit: s="testtestxx"   buf="12345678"  i=1
> doit: s="testtestxx"   buf="testtestxx"  i=1
> *** stack smashing detected ***:  terminated
> Illegal instruction
>
>
> cmd.exe in Windows console:
>
> C:\cygwin\tmp>.\ssp.exe testtestxx
> main: argv[1]=testtestxx
> doit: s="testtestxx"   buf="12345678"  i=1
> doit: s="testtestxx"   buf="testtestxx"  i=1
> *** stack smashing detected ***:  terminated
> [Windows Message Box: Debug/Abort Program ?]

I get the same with the cygwin.bat console window; a straight dos
(cmd.exe) console window has a 10 second delay after
*** stack smashing detected ***:  terminated
is displayed before I get the
   ------------------------
ssp.exe has stopped working

A problem caused the program to stop working
correctly. Please close the program.

 -> Close the program
   ------------------------
pop-up window

Anyway.. Thank you!!  It's been driving me nuts trying to figure out
why all I get is 'Illegal instruction'

Lee

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple