-fstack-protector-all ignored due to -fstack-protector default

Bug #691722 reported by Kees Cook on 2010-12-17
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
gcc-4.4 (Ubuntu)
Medium
Kees Cook
Karmic
Medium
Unassigned
Lucid
Medium
Unassigned
Maverick
Medium
Unassigned
Natty
Medium
Kees Cook
gcc-4.5 (Ubuntu)
Medium
Kees Cook
Karmic
Medium
Unassigned
Lucid
Medium
Unassigned
Maverick
Medium
Unassigned
Natty
Medium
Kees Cook

Bug Description

Binary package hint: gcc-4.5

Looks like the spec file modifications need to be tweaked:

$ gcc -o test test.c
$ hardening-check test
...
 Stack protected: no, not found!
...
$ gcc -o test test.c -fstack-protector-all
$ hardening-check test
...
 Stack protected: no, not found!
...
$ gcc -o test test.c -fno-stack-protector -fstack-protector-all
$ hardening-check test
...
 Stack protected: yes
...

Kees Cook (kees) on 2010-12-17
Changed in gcc-4.5 (Ubuntu):
status: New → Confirmed
assignee: nobody → Kees Cook (kees)
Kees Cook (kees) wrote :

I think this will fix it, but for some reason I cannot compile gcc-4.5 on natty right now...

Changed in gcc-4.5 (Ubuntu Natty):
milestone: none → natty-alpha-3
importance: Undecided → Medium
status: Confirmed → In Progress
tags: added: patch
Kees Cook (kees) on 2011-01-07
Changed in gcc-4.5 (Ubuntu Karmic):
status: New → Confirmed
Changed in gcc-4.5 (Ubuntu Lucid):
status: New → Confirmed
Changed in gcc-4.5 (Ubuntu Maverick):
status: New → Confirmed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-4.5 - 4.5.2-1ubuntu3

---------------
gcc-4.5 (4.5.2-1ubuntu3) natty; urgency=low

  * Update to SVN 20110107 (r168562) from the gcc-4_5-branch.
    - Fix PR target/47038,
      PR target/46685, PR target/45447, PR tree-optimization/46758,
      PR tree-optimization/45552, PR tree-optimization/43023,
      PR middle-end/46734, PR fortran/45338, PR preprocessor/39213.

  [ Kees Cook ]
  * debian/patches/gcc-default-ssp.patch: do not ignore -fstack-protector-all
    (LP: #691722).
 -- Matthias Klose <email address hidden> Fri, 07 Jan 2011 16:19:05 +0100

Changed in gcc-4.5 (Ubuntu Natty):
status: In Progress → Fix Released
Kees Cook (kees) on 2011-02-21
Changed in gcc-4.4 (Ubuntu Natty):
status: New → Triaged
Changed in gcc-4.4 (Ubuntu Lucid):
status: New → Triaged
importance: Undecided → Medium
Changed in gcc-4.4 (Ubuntu Maverick):
status: New → Triaged
importance: Undecided → Medium
Changed in gcc-4.4 (Ubuntu Natty):
importance: Undecided → Medium
Changed in gcc-4.4 (Ubuntu Karmic):
status: New → Triaged
importance: Undecided → Medium
Changed in gcc-4.5 (Ubuntu Lucid):
status: Confirmed → Triaged
importance: Undecided → Medium
Changed in gcc-4.5 (Ubuntu Maverick):
status: Confirmed → Triaged
importance: Undecided → Medium
Changed in gcc-4.5 (Ubuntu Karmic):
status: Confirmed → Triaged
importance: Undecided → Medium
Kees Cook (kees) on 2011-02-21
Changed in gcc-4.4 (Ubuntu Natty):
assignee: nobody → Kees Cook (kees)
status: Triaged → In Progress
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-4.4 - 4.4.5-11ubuntu2

---------------
gcc-4.4 (4.4.5-11ubuntu2) natty; urgency=low

  * debian/patches/gcc-default-ssp.patch:
    - do not ignore -fstack-protector-all (LP: #691722)
    - do not enable -fstack-protector with -ffreestanding.
 -- Kees Cook <email address hidden> Mon, 21 Feb 2011 10:38:33 -0800

Changed in gcc-4.4 (Ubuntu Natty):
status: In Progress → Fix Released
Rolf Leggewie (r0lf) wrote :

karmic has seen the end of its life and is no longer receiving any updates. Marking the karmic task for this ticket as "Won't Fix".

Changed in gcc-4.5 (Ubuntu Karmic):
status: Triaged → Won't Fix
Changed in gcc-4.4 (Ubuntu Karmic):
status: Triaged → Won't Fix
Rolf Leggewie (r0lf) wrote :

maverick has seen the end of its life and is no longer receiving any updates. Marking the maverick task for this ticket as "Won't Fix".

Changed in gcc-4.5 (Ubuntu Maverick):
status: Triaged → Won't Fix
Changed in gcc-4.4 (Ubuntu Maverick):
status: Triaged → Won't Fix
Rolf Leggewie (r0lf) wrote :

lucid has seen the end of its life and is no longer receiving any updates. Marking the lucid task for this ticket as "Won't Fix".

Changed in gcc-4.5 (Ubuntu Lucid):
status: Triaged → Won't Fix
Changed in gcc-4.4 (Ubuntu Lucid):
status: Triaged → Won't Fix
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers