Expanding the list of "Hardened Packages"

Florian Weimer fweimer at redhat.com
Wed May 8 08:11:22 UTC 2013


On 04/14/2013 03:34 AM, Steve Grubb wrote:
>   -fstack-protector-all really is all. The default in Fedora is 4 bytes which
> would cover cases where ints and char[] are interposed as in some networking
> code. But more importantly, the default stack-protector only kicks in when the
> object is a char array. If it's an int array or something exotic like an array
> within a struct, it does not kick in. That is what the
> -fstack-protector-strong patch provides. It's been floating around the internet
> and is the default for Chrome OS. All the testing I've done shows it catches
> all stack overflows of all kinds. We really need it integrated with Fedora's gcc.

The basic patch has been committed upstream:

<http://gcc.gnu.org/viewcvs/gcc?view=revision&revision=198699>

It's still incomplete, though, particularly for C++.  Slots for structs 
returned from functions can be allocated in the caller and are 
addressable in the callee (as a consequence of the named return value 
optimization).  This means that the calling function should be 
instrumented with a canary.  Han Shen is going to work on a follow-up 
patch which addresses this gap.  Once that additional patch is in, we 
should consider backporting both patches.

-- 
Florian Weimer / Red Hat Product Security Team

