Integration of ProPolice in FreeBSD
Robert Watson
rwatson at FreeBSD.org
Thu Jun 26 12:13:44 UTC 2008
On Wed, 25 Jun 2008, Jeremie Le Hen wrote:
>> I'm running a build with CFLAGS += -fstack-protector now...just to see how
>> much chaos will ensue :)
>
> All ports on my laptop are compiled with it. Only a few ones broke
> during build:
> lang/gcc41
> lang/gcc42 (gcc4x should break too)
> emulators/qemu
> net/etherboot
>
> Firefox, Gnome, X.org, and everything else seems to not only compile but
> also work correctly.
>
> There may be little noise on freebsd-ports@ once the ports bits will have
> been provided, because Propolice may put forth a few bugs involving stack
> based buffers. In this case, the program is killed with SIGABRT and message
> "stack overflow detected; terminated" is issued to syslog.
I'd guess that this is rather well-trodden ground by other projects, since
most operating systems ship with stack protection enabled by default these
days. Our dubious advantage is that other people have probably found many of
the problems in third-party applications themselves at this point :-).
Robert N M Watson
Computer Laboratory
University of Cambridge
More information about the freebsd-arch
mailing list