tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

-fstack-check vs -fstack-clash-protection


pkgsrc's PKGSRC_USE_STACK_CHECK setting adds -fstack-check to the
compiler flags.

Corresponding about a build failure with an upstream, it was pointed
out to me that even the gcc man page documents this as:

          -fstack-check= is designed for Ada's needs to detect
           infinite recursion and stack overflows.  specific is an
           excellent choice when compiling Ada code.  It is not
           generally sufficient to protect against stack-clash
           attacks.  To protect against those you want

The documentation for that says:

           Most targets do not fully support stack clash protection.

Does anyone know the state of -fstack-clash-protection on NetBSD?

Should we switch from -fstack-check to -fstack-clash-protection in
pkgsrc, when PKGSRC_USE_STACK_CHECK is set?


Home | Main Index | Thread Index | Old Index