Integration of ProPolice in FreeBSD

Robert Watson rwatson at
Thu Jun 26 12:13:44 UTC 2008

On Wed, 25 Jun 2008, Jeremie Le Hen wrote:

>>  I'm running a build with CFLAGS += -fstack-protector now...just to see how
>>  much chaos will ensue :)
> All ports on my laptop are compiled with it.  Only a few ones broke
> during build:
>    lang/gcc41
>    lang/gcc42	(gcc4x should break too)
>    emulators/qemu
>    net/etherboot
> Firefox, Gnome,, and everything else seems to not only compile but 
> also work correctly.
> There may be little noise on freebsd-ports@ once the ports bits will have 
> been provided, because Propolice may put forth a few bugs involving stack 
> based buffers.  In this case, the program is killed with SIGABRT and message 
> "stack overflow detected; terminated" is issued to syslog.

I'd guess that this is rather well-trodden ground by other projects, since 
most operating systems ship with stack protection enabled by default these 
days.  Our dubious advantage is that other people have probably found many of 
the problems in third-party applications themselves at this point :-).

Robert N M Watson
Computer Laboratory
University of Cambridge

More information about the freebsd-arch mailing list