Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Buffer overflow prevention
From: Peter Busser <peter () trusteddebian org>
Date: Fri, 15 Aug 2003 10:32:14 +0200


There is a flag for the Gnu C/C++ compilers, -fstack-protector, that will 
implement ProPolice stack protection.  It should prevent stack smashing 

That is not actually in the standard GCC; it is in a forked GCC that 
OpenBSD chooses to ship.

Adamantix and Gentoo Hardened also ship this patched GCC compiler.

We (Immunix) are in the process of trying to make StackGuard (the 
original) meet all of the criteria required for acceptance into GCC. At 
the GCC Summit <http://www.gccsummit.org/2003/> in May, we presented a 
StackGuard talk 
<http://www.gccsummit.org/2003/view_abstract.php?talk=31> on that topic.

I would rather see Hiraoke Etoh's Stack Smashing Protector (aka ProPolice) as
standard stack-smashing protection mechanism in GCC than StackGuard.

Peter Busser
The Adamantix Project
Taking trustworthy software out of the labs, and into the real world

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]