| 1 |
Kevin F. Quinn <mailto:kevquinn@g.o> wrote: |
| 2 |
> On Sat, 29 Jul 2006 17:37:03 -0400 |
| 3 |
> "Richard Hansen" <gentoo-a7x@×××××××××××.org> wrote: |
| 4 |
>> After spending hours with gdb, I believe I have narrowed down the |
| 5 |
>> problem to a setjmp() call in the Wireshark code. That call seems to |
| 6 |
>> be trashing the stack, based on comparing local variable values |
| 7 |
>> before and after the call. Is this a known limitation of SSP, or |
| 8 |
>> should setjmp() work with SSP? |
| 9 |
> |
| 10 |
> Well, the setjmp() connection is new, but we do know that SSP in |
| 11 |
> gcc-3.x sometimes generates bad code, and that sometimes gcc-3.x |
| 12 |
> generates bad code regardless of SSP (where enabling SSP just causes |
| 13 |
> the error to be detected -see bug #133301 for an example). However we |
| 14 |
> haven't yet worked out what's going on. It would be worth building |
| 15 |
> Wireshark with SSP off and running gdb in the same way you did before, |
| 16 |
> breaking at the same place, to see if the same local variables are |
| 17 |
> corrupted or not when SSP is disabled. |
| 18 |
|
| 19 |
According to my gdb tests, the stack is not corrupted when SSP is disabled. |
| 20 |
|
| 21 |
I'm not sure how SSP alters the layout of the stack, but considering setjmp() and longjmp() are written in assembly, it makes sense that they would trash the stack when SSP is turned on. However, I would expect the SSP patch to include updated versions of setjmp() and longjmp() to accommodate the changes to the stack... Is this not the case? |
| 22 |
|
| 23 |
Is there an official web page or mailing list for the SSP patch? |
| 24 |
|
| 25 |
Thanks, |
| 26 |
Richard |
| 27 |
|
| 28 |
|
| 29 |
-- |
| 30 |
gentoo-hardened@g.o mailing list |
Archives