mirror of
https://github.com/RGBCube/serenity
synced 2025-05-25 20:45:06 +00:00
06da50afc7
Modify the user mode runtime to insert stack canaries to find stack corruptions.
The `-fstack-protector-strong` variant was chosen because it catches more
issues than vanilla `-fstack-protector`, but doesn't have substantial
performance impact like `-fstack-protector-all`.
Details:
-fstack-protector enables stack protection for vulnerable functions that contain:
* A character array larger than 8 bytes.
* An 8-bit integer array larger than 8 bytes.
* A call to alloca() with either a variable size or a constant size bigger than 8 bytes.
-fstack-protector-strong enables stack protection for vulnerable functions that contain:
* An array of any size and type.
* A call to alloca().
* A local variable that has its address taken.
Example of it catching corrupting in the `stack-smash` test:
```
courage ~ $ ./user/Tests/LibC/stack-smash
[+] Starting the stack smash ...
Error: Stack protector failure, stack smashing detected!
Shell: Job 1 (/usr/Tests/LibC/stack-smash) Aborted
```
|
||
|---|---|---|
| .. | ||
| arch/i386 | ||
| cdefs.h | ||
| file.h | ||
| internals.h | ||
| ioctl.h | ||
| ioctl_numbers.h | ||
| mman.h | ||
| param.h | ||
| prctl.cpp | ||
| prctl.h | ||
| prctl_numbers.h | ||
| ptrace.cpp | ||
| ptrace.h | ||
| resource.h | ||
| select.cpp | ||
| select.h | ||
| socket.cpp | ||
| socket.h | ||
| stat.h | ||
| sysmacros.h | ||
| time.h | ||
| times.h | ||
| types.h | ||
| uio.cpp | ||
| uio.h | ||
| un.h | ||
| utsname.h | ||
| wait.cpp | ||
| wait.h | ||