6

Do -fstack-protector and -fstack-protector-all protect heap-based memory allocations too or only stack-based ones ?

What is the difference between the first 2 and -fmudflap ?

Any recommendations as to which is better for debugging ?

(I'm not sure if the gcc man page is clear enough or I simply do not understand it...)

char foobar[10]; // stack-based

char *foobar = malloc(10); // heap-based
Jane Watson
  • 545
  • 2
  • 8
  • 13
  • What is your goal? Do you want to make sure your code is protected, and flip on what protects it well? If that is the case, gcc default compiles to most if nit all protections enabled (eg, the canary value -fatack-protector seems to enable). If your goal is to selectively disable in a debugging state to make it easier to follow code logic w/o having to wonder which parts of the code are merely hack protections, you can disable many protections (I think all but the setting of the nx bit pretty much). In that case, the option you want (among others) is -fno-stack-protector. – gnometorule Oct 18 '11 at 16:27
  • Well there are others that I think are hard to disable if not impossible, say, whether certain redirection tables are writeable. – gnometorule Oct 18 '11 at 16:29
  • @gnometorule My goal is to enable as much protection as possible. But for that, I need to understand what each do and do not do. – Jane Watson Oct 18 '11 at 16:38

2 Answers2

3

-fstack-protector and -fstack-protector-all have nothing to do with heap allocations.
-fstack-protector protects strings only (main problem target for buffer overflow attacks), -fstack-protector-all protects all types. Some descriptions here: http://en.wikipedia.org/wiki/Buffer_overflow_protection

TJD
  • 11,800
  • 1
  • 26
  • 34
-1

Mudflap is for pointer checks. See this pdf. You will need to install the relevant libs to be able to use these gcc features. I like valgrind better for detecting such errors because there is no need to recompile/relink and is easier to use, but these can be valuable too.

b0ti
  • 2,319
  • 1
  • 18
  • 18