diff options
author | Martynas Venckus <martynas@cvs.openbsd.org> | 2014-03-30 01:11:01 +0000 |
---|---|---|
committer | Martynas Venckus <martynas@cvs.openbsd.org> | 2014-03-30 01:11:01 +0000 |
commit | 7bf4a33088199e8f723ff2aae3c474467705377f (patch) | |
tree | ebe5cd86310f5c68913be4276cb58061b08c7055 | |
parent | f5554fc467f3b8400a0af1c17a269c12d039c4c9 (diff) |
Change the heuristics of -fstack-protector to select to protect
additional functions --- those that have local array definitions,
or have references to local frame addresses.
Note that upstream uses -fstack-protector-strong and misleads people:
-fstack-protector, -fstack-protector-all, -fstack-protector-strong
can you tell which one is safe?
Luckily, OpenBSD has its own compiler and is able to do the right
thing for security: this is enabled by default, and called
-fstack-protector.
OK deraadt@, miod@. Tested for 3 months.
-rw-r--r-- | gnu/gcc/gcc/common.opt | 2 | ||||
-rw-r--r-- | gnu/gcc/gcc/toplev.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/gnu/gcc/gcc/common.opt b/gnu/gcc/gcc/common.opt index de1ae3c59a4..c309c43249f 100644 --- a/gnu/gcc/gcc/common.opt +++ b/gnu/gcc/gcc/common.opt @@ -863,7 +863,7 @@ Common RejectNegative Joined -fstack-limit-symbol=<name> Trap if the stack goes past symbol <name> fstack-protector -Common Report Var(flag_stack_protect, 1) Init(-1) +Common Report Var(flag_stack_protect, 3) Init(-1) Use propolice as a stack protection method fstack-protector-all diff --git a/gnu/gcc/gcc/toplev.c b/gnu/gcc/gcc/toplev.c index 5d438e0de27..ae2185c0b18 100644 --- a/gnu/gcc/gcc/toplev.c +++ b/gnu/gcc/gcc/toplev.c @@ -1834,7 +1834,7 @@ process_options (void) /* Targets must be able to place spill slots at lower addresses. If the target already uses a soft frame pointer, the transition is trivial. */ if (flag_stack_protect == -1) - flag_stack_protect = FRAME_GROWS_DOWNWARD ? 1 : 0; + flag_stack_protect = FRAME_GROWS_DOWNWARD ? 3 : 0; if (!FRAME_GROWS_DOWNWARD && flag_stack_protect) { warning (0, "-fstack-protector not supported for this target"); |