NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

lib/44749: ssp tests break when built with -g

>Number:         44749
>Category:       lib
>Synopsis:       ssp tests break when built with -g
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Mar 21 09:00:01 +0000 2011
>Originator:     Julio Merino
>Release:        NetBSD 5.99.48
System: NetBSD desky 5.99.48 NetBSD 5.99.48 (GENERIC) #0: Sat Mar 19 19:30:58 
GMT 2011 
Architecture: x86_64
Machine: amd64
        The tests in src/tests/lib/libc/ssp/ are supposed to trigger ssp.

        However, when such tests are built with CFLAGS=-g, the failures are
        not triggered.  I presume the code is laid out in a manner that
        prevents the buffer overflows from corrupting the stack.

        Even more, the h_gets.c file fails to build with -g because the
        compiler will spit out a warning about unsafe usage of gets().
        $ cd /usr/src/tests/lib/libc/ssp
        $ vi h_gets.c
        ... hack: comment out the call to gets() to let this build ...
        $ CFLAGS=-g make USETOOLS=no
        $ atf-run | atf-report
        ... see everything fail ...
        $ echo 'alsdjflkdsjfld' | ./h_fgets 11
        ... see this print out a string instead of triggering ssp ...
        Don't know what the best solution for these would be.
        Maybe forcibly ignore -g when building these tests?  Maybe split
        out the code that is supposed to trigger ssp in a single file that
        is built without -g, yet everything else carries -g?  (These
        seem a big hack instead of a real solution.)
        Rework the tests so that they trigger a failure even with -g?


Home | Main Index | Thread Index | Old Index