Ubuntu
gcc-4.3 package

-fstack-protector not enabled by default on ARM

Bug #375189 reported by Kees Cook
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gcc-4.3 (Ubuntu)
Fix Released
Medium
Unassigned
gcc-4.4 (Ubuntu)
Fix Released
Medium
Unassigned

Bug Description

Binary package hint: gcc-4.3

The stack protector should be enabled by default on ARM builds. AFAIK, the upstream bugs have been fixed for a while now.

$ make stack-protector-off
gcc -Wall -O2 -U_FORTIFY_SOURCE -o stack-protector-off stack-protector.c -fno-stack-protector
$ make stack-protector-on
gcc -Wall -O2 -U_FORTIFY_SOURCE -o stack-protector-on stack-protector.c -fstack-protector
$ make stack-protector-default
gcc -Wall -O2 -U_FORTIFY_SOURCE -o stack-protector-default stack-protector.c

$ ./stack-protector-off AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Hello! You typed: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Segmentation fault

$ ./stack-protector-on AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Hello! You typed: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
*** stack smashing detected ***: ./stack-protector-on terminated
Aborted

$ ./stack-protector-default AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Hello! You typed: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Segmentation fault

on ARM:
$ gcc -v -Wall -O2 -U_FORTIFY_SOURCE -o stack-protector-default stack-protector.c 2>&1 | grep cc1
 /usr/lib/gcc/arm-linux-gnueabi/4.3.3/cc1 -quiet -v -U_FORTIFY_SOURCE stack-protector.c -quiet -dumpbase stack-protector.c -march=armv5t -mtune=cortex-a8 -auxbase stack-protector -O2 -Wall -version -o /tmp/ccgrxcFU.s

on i386:
$ gcc -v -Wall -O2 -U_FORTIFY_SOURCE -o stack-protector-default stack-protector.c 2>&1 | grep cc1
 /usr/lib/gcc/i486-linux-gnu/4.3.3/cc1 -quiet -v -U_FORTIFY_SOURCE stack-protector.c -quiet -dumpbase stack-protector.c -mtune=generic -auxbase stack-protector -O2 -Wall -version -fstack-protector -o /tmp/ccWuIDMj.s

the former is lacking -fstack-protector

Tags: armel
Kees Cook (kees)
visibility: private → public
Marc Deslauriers (mdeslaur)
Changed in gcc-4.3 (Ubuntu):
importance: Undecided → High
status: New → Confirmed
Paul Larson (pwlars)
tags: added: armel
Revision history for this message
Matthias Klose (doko) wrote :

according to http://gcc.gnu.org/bugzilla/show_bug.cgi?id=35965, this is not fixed for the 4.3 branch.

Changed in gcc-4.4 (Ubuntu):
importance: Undecided → Medium
status: New → Triaged
Changed in gcc-4.3 (Ubuntu):
importance: High → Medium
status: Confirmed → Triaged
Revision history for this message
Matthias Klose (doko) wrote :

... but in the gcc-4.3 package, still not enabled.

Changed in gcc-4.3 (Ubuntu):
status: Triaged → In Progress
Changed in gcc-4.4 (Ubuntu):
status: Triaged → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-4.4 - 4.4.0-8ubuntu2

---------------
gcc-4.4 (4.4.0-8ubuntu2) karmic; urgency=low

  * Update to SVN 20090622 from the gcc-4_4-branch (r148821).
    - Fix PR objc/28050 (LP: #362217).
  * Enable SSP on arm and armel, run the testsuite with -fstack-protector.
    LP: #375189.

 -- Matthias Klose <email address hidden> Tue, 23 Jun 2009 00:57:50 +0200

Changed in gcc-4.4 (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-4.3 - 4.3.3-12ubuntu2

---------------
gcc-4.3 (4.3.3-12ubuntu2) karmic; urgency=low

  * Update to SVN 20090625 from the gcc-4_3-branch.
    - Fixes PR middle-end/38751, PR c/32041, PR tree-optimization/36891,
      PR objc/28050 (LP: #362217), PR C++/36607, PR target/35318,
      PR target/39240, PR target/39013, PR c/39855, PR libgcj/38396.
  * Enable SSP on arm and armel. LP: #375189.

 -- Matthias Klose <email address hidden> Thu, 25 Jun 2009 15:51:07 +0200

Changed in gcc-4.3 (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.