Subject: Re: ssp and gcc-4.1
To: Jason Thorpe <>
From: Thor Lancelot Simon <>
List: tech-userlevel
Date: 11/07/2006 13:16:23
On Tue, Nov 07, 2006 at 10:09:53AM -0800, Jason Thorpe wrote:
> Now, one would think that __builtin_alloca() would be OK with ssp --  
> after all, the compiler provides both, right?

I thought this, too.  But I was wrong: the way SSP works, it has to know
the maximum stack size before entry to each new function (creation of
each new stack frame) or it can't know where to place the "canary".

As Christos pointed out to me elsewhere, we can't really provide an
interface by which alloca() can move the canary and inform the parent,
because exploit code could use that interface, too.  :-/

  Thor Lancelot Simon	                           

  "We cannot usually in social life pursue a single value or a single moral
   aim, untroubled by the need to compromise with others."      - H.L.A. Hart