1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
I have tested on my box |
5 |
|
6 |
wakka ~ # nm /bin/kill |grep __guard |
7 |
nm: /bin/kill: no symbols |
8 |
wakka ~ # readelf -s /bin/kill | grep __guard |
9 |
53: 00000000 4 OBJECT GLOBAL DEFAULT UND __guard@GLIBC_2.3.2 (5) |
10 |
|
11 |
nm seems not work(or not with these options), try with readelf |
12 |
|
13 |
Chris Smart wrote: |
14 |
|
15 |
> thanks for this... my amd64 doesn't seem to have used -fstack-protector |
16 |
> |
17 |
> cephas ~ # nm /bin/kill |grep __stack_smash_handler |
18 |
> nm: /bin/kill: no symbols |
19 |
> |
20 |
> cephas ~ # nm /bin/kill |grep __guard |
21 |
> nm: /bin/kill: no symbols |
22 |
> |
23 |
> is it something that I have to specify in my CFLAGS? |
24 |
> |
25 |
> ie: CFLAGS="-O2 -march=opteron -pipe -fomit-frame-pointer |
26 |
> -fstack-protector" ? |
27 |
> |
28 |
> I *though* it was already included in gcc 3.4 for opterons.. |
29 |
> |
30 |
> ta |
31 |
> |
32 |
> Kevin F. Quinn wrote: |
33 |
> |
34 |
>> Mike Frysinger wrote: |
35 |
>> |
36 |
>> |
37 |
>>> On Wednesday 11 May 2005 08:04 am, Rob Holland wrote: |
38 |
>>> |
39 |
>>> |
40 |
>>>> On Wed, May 11, 2005 at 10:51:18AM +0100, Pedro Venda wrote: |
41 |
>>>> |
42 |
>>>> |
43 |
>>>>> I'm left with a doubt: how to find out if some binary was |
44 |
>>>>> compiled with -fstack-protector gcc option? |
45 |
>>>>> |
46 |
>>>> |
47 |
>>>> I think: nm /bin/foo|grep guard |
48 |
>>>> should tell you, if you see a guard symbol, it has ssp. |
49 |
>>>> |
50 |
>>> |
51 |
>>> nm doesnt always worked (it'll fail on stripped binaries), but |
52 |
>>> `readelf > -s foo | grep guard` should work fine |
53 |
>>> |
54 |
>> |
55 |
>> |
56 |
>> '__guard' would be better than 'guard', to avoid false positives. |
57 |
>> Personally I use '__stack_smash_handler' |
58 |
>> |
59 |
>> Kev. |
60 |
>> |
61 |
>> |
62 |
>> |
63 |
>> |
64 |
>> |
65 |
>> |
66 |
|
67 |
-----BEGIN PGP SIGNATURE----- |
68 |
Version: GnuPG v1.4.1 (GNU/Linux) |
69 |
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org |
70 |
|
71 |
iD8DBQFCgyDr3RS+hG/PB/URAiXzAJsFhpCXH0kz+52usEO1dNAIy6K9fwCdEFTe |
72 |
fQT/09zACkewaP2X1OtygJc= |
73 |
=4vxV |
74 |
-----END PGP SIGNATURE----- |
75 |
|
76 |
-- |
77 |
gentoo-hardened@g.o mailing list |