[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
lib/44749: ssp tests break when built with -g
>Synopsis: ssp tests break when built with -g
>Arrival-Date: Mon Mar 21 09:00:01 +0000 2011
>Originator: Julio Merino
>Release: NetBSD 5.99.48
System: NetBSD desky 5.99.48 NetBSD 5.99.48 (GENERIC) #0: Sat Mar 19 19:30:58
The tests in src/tests/lib/libc/ssp/ are supposed to trigger ssp.
However, when such tests are built with CFLAGS=-g, the failures are
not triggered. I presume the code is laid out in a manner that
prevents the buffer overflows from corrupting the stack.
Even more, the h_gets.c file fails to build with -g because the
compiler will spit out a warning about unsafe usage of gets().
$ cd /usr/src/tests/lib/libc/ssp
$ vi h_gets.c
... hack: comment out the call to gets() to let this build ...
$ CFLAGS=-g make USETOOLS=no
$ atf-run | atf-report
... see everything fail ...
$ echo 'alsdjflkdsjfld' | ./h_fgets 11
... see this print out a string instead of triggering ssp ...
Don't know what the best solution for these would be.
Maybe forcibly ignore -g when building these tests? Maybe split
out the code that is supposed to trigger ssp in a single file that
is built without -g, yet everything else carries -g? (These
seem a big hack instead of a real solution.)
Rework the tests so that they trigger a failure even with -g?
Main Index |
Thread Index |