[Commotion-dev] Stack Smashing Protection on OpenWRT
Andrew Reynolds
andrew at opentechinstitute.org
Fri Feb 7 21:11:32 UTC 2014
On 02/07/2014 03:29 PM, L. Aaron Kaplan wrote:
> On Feb 7, 2014, at 5:26 PM, Andrew Reynolds <andrew at opentechinstitute.org> wrote:
>> Does anyone have experience with OpenWRT's stack smashing protection
>> toolchain option? I've been trying to compile Commotion with SSP and
>> haven't had any luck.
>
> Yup! I regularly have the very same issue with that in the openwrt build system.
> Seems like it is not very well tested by developers. But IMHO that should be highly used.
Well that's not the answer I was hoping for :)
For what it's worth, I did just come across a separate toolchain config
file containing the line "UCLIBC_HAS_SSP is not set".
Running "make menuconfig" in the toolchain directory
(<buildroot>/build_dir/toolchain-mips_r2_gcc-4.6-linaro_uClibc-0.9.33.2/uClibc-0.9.33.2/
on our system) brought up a whole new set of features, including the
option to pass -fstack-protector.
It looks like this menu is not accessible until AFTER you've built the
toolchain. It also passes the very conservative stack-protector, not
stack-protector-all or stack-protector-strong.
Hopefully this will do the trick.
-andrew
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.chambana.net/pipermail/commotion-dev/attachments/20140207/367eb564/attachment.sig>
More information about the Commotion-dev
mailing list