Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)

To: Steven Bellovin <smb%cs.columbia.edu@localhost>
Subject: Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)
From: David Holland <dholland-current%netbsd.org@localhost>
Date: Fri, 13 Nov 2009 15:40:19 +0000

On Fri, Nov 13, 2009 at 08:20:57AM -0500, Steven Bellovin wrote:
 > > Note that quite a few packages break with SSP.
 > 
 > Hmm -- why?  Buffer overflows that haven't been exploited yet?

It's allergic to alloca(), and anything equivalent to alloca() like
variable-sized arrays on the stack.

-- 
David A. Holland
dholland%netbsd.org@localhost

Follow-Ups:
- Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)
  - From: Thor Lancelot Simon

References:
- HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386
  - From: Matthias Scheler
- Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)
  - From: Matthias Scheler
- Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)
  - From: Elad Efrat
- Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)
  - From: Steven Bellovin
- Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)
  - From: Jukka Ruohonen
- Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)
  - From: Steven Bellovin

Prev by Date: Re: PF related panic
Next by Date: Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)
Previous by Thread: Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)
Next by Thread: Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)
Indexes:

Home | Main Index | Thread Index | Old Index