[libvirt] [PATCH] Remove ssp buffer size setting
Michal Privoznik
mprivozn at redhat.com
Fri Jun 6 11:04:58 UTC 2014
On 06.06.2014 11:40, Ján Tomko wrote:
> This option only makes sense with -fstack-protector.
> With -fstack-protector-all, even functions with buffers
> smaller than this are protected.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1105456
> ---
> m4/virt-compile-warnings.m4 | 8 --------
> 1 file changed, 8 deletions(-)
>
> diff --git a/m4/virt-compile-warnings.m4 b/m4/virt-compile-warnings.m4
> index 574fbc4..ebc931d 100644
> --- a/m4/virt-compile-warnings.m4
> +++ b/m4/virt-compile-warnings.m4
> @@ -171,14 +171,6 @@ AC_DEFUN([LIBVIRT_COMPILE_WARNINGS],[
> dnl be great overhead in adding -fstack-protector-all instead
> dnl wantwarn="$wantwarn -fstack-protector"
> wantwarn="$wantwarn -fstack-protector-all"
> - wantwarn="$wantwarn --param=ssp-buffer-size=4"
> - dnl Even though it supports it, clang complains about
> - dnl use of --param=ssp-buffer-size=4 unless used with
> - dnl the -c arg. It doesn't like it when used with args
> - dnl that just link together .o files. Unfortunately
> - dnl we can't avoid that with automake, so we must turn
> - dnl off the following clang specific warning
> - wantwarn="$wantwarn -Wno-unused-command-line-argument"
> ;;
> *-*-freebsd*)
> dnl FreeBSD ships old gcc 4.2.1 which doesn't handle
>
From the gcc man page:
-fstack-protector
Emit extra code to check for buffer overflows, such as stack
smashing attacks. This is done by adding a guard variable to functions
with vulnerable objects. This includes functions that call "alloca",
and functions with buffers larger than 8 bytes. The guards are
initialized when a function is entered and then checked when the
function exits. If a guard check fails, an error message is printed and
the program exits.
-fstack-protector-all
Like -fstack-protector except that all functions are protected.
So when using -fstack-protector-all even functions with 4B buffers are
protected.
ACK
Michal
More information about the libvir-list
mailing list