Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Stack Smash Protection disabled (was HEADS-UP: Stack Smash Protection enabled by default for amd64 and i386)

On Fri, Nov 13, 2009 at 08:20:57AM -0500, Steven Bellovin wrote:
 > > Note that quite a few packages break with SSP.
 > Hmm -- why?  Buffer overflows that haven't been exploited yet?

It's allergic to alloca(), and anything equivalent to alloca() like
variable-sized arrays on the stack.

David A. Holland

Home | Main Index | Thread Index | Old Index