[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Steve Kemp <skx@debian.org> Please check your Debian E-Mail.

On Mon, Aug 08, 2005 at 03:31:40AM +0100, Steve Kemp wrote:
> On Sun, Aug 07, 2005 at 10:12:56PM -0400, Daniel Jacobowitz wrote:
> 
> > >   The SSP compiler is a patch against GCC and offers "Stack Smashing
> > >  Protection".  In short it gives protection against buffer overflow 
> > >  bugs, and attacks.
> > 
> > Steve, you are aware that GCC 4.1 will include a complete
> > reimplementaton of this feature, right?  Wouldn't time be better spent
> > with that than with the obsolete SSP patches?
> 
>   The GCC 4.1 implementation, mudflap, appears to do an entirely
>  different thing.

No, mudflap is not what I'm talking about.  That's in GCC 4.0.  It's a
heavyweight, featureful bounds checker.  But in GCC 4.1, there is a new
option: -fstack-protector.  It's by principle roughly the same as the
IBM ProPolice feature, although Richard reimplemented it from the
ground up.

This should be basically the same as what you're testing, except
already included in GCC.

-- 
Daniel Jacobowitz
CodeSourcery, LLC
Reply to: