| 1 |
While building wine from cvs (not from portage), I've come across something that doesn't seem consistent in the hardened gcc toolchain. |
| 2 |
|
| 3 |
Option -nostdlib is a linker option, however if specified during compilation it disables ssp and pie; which I'd normally do by specifying -fno-stack-protector and -fno-pie. |
| 4 |
|
| 5 |
Option -nostartfiles/-nodefaultlibs are similar options to -nostdlib (which seems to me to be synonymous with -nostdlib if both are specified), but they don't disable ssp or pie during compilation. |
| 6 |
|
| 7 |
The gcc manual says that linker options should not affect code generation. Indeed, specifying -nostdlib does not stop gcc generating calls to memcmp, memset or memcpy - following this up suggests to me that it shouldn't inhibit the compiler-generated calls to the stack protector symbols either. The gcc manual says that if -nostdlib is used, alternate provision should be made for memcmp/memset/memcpy; it seems reasonable that the same should apply to __guard and __stack_smash_handler. |
| 8 |
|
| 9 |
Am I missing something? |
| 10 |
|
| 11 |
Kev. |
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
-- |
| 16 |
gentoo-hardened@g.o mailing list |
Archives