Full Disclosure mailing list archives
Re: ShortNotes : Stack Smashing with GCC4
From: Marcus Meissner <meissner () suse de>
Date: Fri, 20 Apr 2007 15:44:27 +0200
The classic example (Gera's Law):
[File : abo1.c ] After fixing your code (adding a missing #include <string.h>)
$ gcc -o abo1 abo1.c
Which is just not how to compile your code. If you pass the right options: $ gcc -O2 -D_FORTIFY_SOURCE=2 xx.c -o xx $ ./xx `perl -e "print 'a' x 1024;"` *** buffer overflow detected ***: ./xx terminated ======= Backtrace: ========= /lib/power4/libc.so.6(__chk_fail+0x68)[0xff7db68] /lib/power4/libc.so.6(__strcpy_chk+0x60)[0xff7c820] ./xx[0x1000056c] /lib/power4/libc.so.6[0xfea3f70] /lib/power4/libc.so.6[0xfea41cc] ... gcc -O2 -fstack-protector xx.c -o xx ./xx `perl -e "print 'a' x 1024;"` Input : aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa *** stack smashing detected ***: ./xx terminated Perhaps you should read the manpages of the compiler first to find the correct options to enable. Ciao, Marcus _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- ShortNotes : Stack Smashing with GCC4 xWinGs @ KJ (Apr 20)
- Re: ShortNotes : Stack Smashing with GCC4 Marcus Meissner (Apr 20)
- Message not available
- Re: ShortNotes : Stack Smashing with GCC4 Guasconi Vincent (Apr 20)
- Message not available
- Re: ShortNotes : Stack Smashing with GCC4 Marcus Meissner (Apr 20)
- <Possible follow-ups>
- Re: ShortNotes : Stack Smashing with GCC4 Chris Rohlf (Apr 20)