While building wine from cvs (not from portage), I've come across something that doesn't seem consistent in the hardened gcc toolchain.

Option -nostdlib is a linker option, however if specified during compilation it disables ssp and pie, which I'd normally do by specifying -fno-stack-protector and -fno-pie.

Options -nostartfiles/-nodefaultlibs are similar options to -nostdlib (which seems to me to be synonymous with -nostdlib if both are specified), but they don't disable ssp or pie during compilation.

The gcc manual says that linker options should not affect code generation. Indeed, specifying -nostdlib does not stop gcc generating calls to memcmp, memset or memcpy - following this up suggests to me that it shouldn't inhibit the compiler-generated calls to the stack protector symbols either. The gcc manual says that if -nostdlib is used, alternate provision should be made for memcmp/memset/memcpy; it seems reasonable that the same should apply to __guard and __stack_smash_handler.

Am I missing something?

Kev.

--
gentoo-hardened@g.o mailing list