1 |
Ryan Hill <dirtyepic@g.o> wrote: |
2 |
> Martin Vaeth <vaeth@××××××××××××××××××××××××.de> wrote: |
3 |
>> > |
4 |
>> > * -fstack-protector{-all} |
5 |
>> > No thank you. -fstack-protector has very limited coverage |
6 |
>> |
7 |
>> I'd say it covers most cases where bugs can be made, [...] |
8 |
> |
9 |
> The numbers I've seen show a maximum of 5% coverage for code that has a |
10 |
> large number of functions containing char arrays on the stack. |
11 |
|
12 |
If you have no local array on the stack, it is rather hard to write |
13 |
accidentally(!) code in the function which corrupts the stack. |
14 |
(It still is possible e.g. through bad casting, but it is rather |
15 |
unlikely that this happens by accident). |
16 |
So coverage of these functions covers most cases of accidental bugs. |
17 |
Of course, as Ciaranm already mentioned, there is no compiler flag |
18 |
which transforms unsafe code into safe one, but if even just one or |
19 |
two security bugs can be avoid this way, it was worth to add |
20 |
this flag IMHO. |
21 |
|
22 |
> Most code doesn't fall into that category. |
23 |
|
24 |
Isn't this good news? It means most code will not get *any* |
25 |
penalty with -fstack-protector. |