public inbox for newlib-cvs@sourceware.org
help / color / mirror / Atom feed
* [newlib-cygwin] ssp: add APIs for Stack Smashing Protection
@ 2017-11-29 17:26 Yaakov Selkowitz
0 siblings, 0 replies; only message in thread
From: Yaakov Selkowitz @ 2017-11-29 17:26 UTC (permalink / raw)
To: newlib-cvs
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=0a5dfdbd1ba3663a54fa1a7de1a6c4a0a3316a6e
commit 0a5dfdbd1ba3663a54fa1a7de1a6c4a0a3316a6e
Author: Yaakov Selkowitz <yselkowi@redhat.com>
Date: Mon Nov 27 23:04:09 2017 -0600
ssp: add APIs for Stack Smashing Protection
Compiling with any of the -fstack-protector* flags requires the
__stack_chk_guard data import (which needs to be initialized) and the
__stack_chk_fail{,_local} functions. While GCC's own libssp can provide
these, it is better that we provide these ourselves. The implementation
is custom due to being OS-specific.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Diff:
---
newlib/libc/ssp/stack_protector.c | 45 +++++++++++++++++++++++++++++++++++++++
1 file changed, 45 insertions(+)
diff --git a/newlib/libc/ssp/stack_protector.c b/newlib/libc/ssp/stack_protector.c
new file mode 100644
index 0000000..ee014b6
--- /dev/null
+++ b/newlib/libc/ssp/stack_protector.c
@@ -0,0 +1,45 @@
+#include <sys/cdefs.h>
+#include <sys/param.h>
+#include <signal.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+uintptr_t __stack_chk_guard = 0;
+
+void
+__attribute__((__constructor__))
+__stack_chk_init (void)
+{
+ if (__stack_chk_guard != 0)
+ return;
+
+#if defined(__CYGWIN__) || defined(__rtems__)
+ arc4random_buf(&__stack_chk_guard, sizeof(__stack_chk_guard));
+#else
+ /* If getentropy is not available, use the "terminator canary". */
+ ((unsigned char *)&__stack_chk_guard)[0] = 0;
+ ((unsigned char *)&__stack_chk_guard)[1] = 0;
+ ((unsigned char *)&__stack_chk_guard)[2] = '\n';
+ ((unsigned char *)&__stack_chk_guard)[3] = 255;
+#endif
+}
+
+void
+__attribute__((__noreturn__))
+__stack_chk_fail (void)
+{
+ char msg[] = "*** stack smashing detected ***: terminated\n";
+ write (2, msg, strlen (msg));
+ raise (SIGABRT);
+ _exit (127);
+}
+
+#ifdef __ELF__
+void
+__attribute__((visibility ("hidden")))
+__stack_chk_fail_local (void)
+{
+ __stack_chk_fail();
+}
+#endif
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2017-11-29 17:26 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-11-29 17:26 [newlib-cygwin] ssp: add APIs for Stack Smashing Protection Yaakov Selkowitz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).