From caa1615dc4d5b46790189b11a06dc9b78f87180f Mon Sep 17 00:00:00 2001 From: Miod Vallat Date: Mon, 2 Dec 2002 16:40:40 +0000 Subject: Document the lovely propolice changes. --- gnu/egcs/gcc/gcc-local.1 | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) (limited to 'gnu/egcs/gcc') diff --git a/gnu/egcs/gcc/gcc-local.1 b/gnu/egcs/gcc/gcc-local.1 index 13856a2d64f..312ea1891c1 100644 --- a/gnu/egcs/gcc/gcc-local.1 +++ b/gnu/egcs/gcc/gcc-local.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: gcc-local.1,v 1.2 2002/11/24 01:02:53 espie Exp $ +.\" $OpenBSD: gcc-local.1,v 1.3 2002/12/02 16:40:39 miod Exp $ .\" .\" Copyright (c) 2002 Marc Espie .\" @@ -24,7 +24,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd Nov. 23, 2002 +.Dd December 1, 2002 .Dt GCC-LOCAL 1 .Os .Sh NAME @@ -103,6 +103,26 @@ style exceptions, and so needs extra fixes beyond the pure 2.95.3 release. .It On i386, the optimizer features an extra peephole which reduces the function prologues enough to allow for the ramdisk to fit on one floppy. +.It +On +.Ox , +.Nm gcc +comes with the +.Dq propolice +stack protection extension, which is enabled by default. +This extension reorders local variables declarations and adds stack consistency +checks at run time, in order to detect stack overflows, and will attempt to +report the problem in the system logs, and abort the faulting process. +It can be turned off using the +.Fl fno-stack-protector +commandline option. +Note that the stack protector relies on some support code in libc. +Standalone programs not linked against libc must either provide their own +support bits, or use the +.Fl fno-stack-protector +option. .El .Sh SEE ALSO .Xr gcc 1 +.Pp +.Pa http://www.trl.ibm.com/projects/security/ssp -- cgit v1.2.3