From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:38713)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <armbru@redhat.com>) id 1ZwnS7-0006Jv-V9
	for qemu-devel@nongnu.org; Thu, 12 Nov 2015 03:42:01 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <armbru@redhat.com>) id 1ZwnS3-0004Ay-Tc
	for qemu-devel@nongnu.org; Thu, 12 Nov 2015 03:41:55 -0500
From: Markus Armbruster <armbru@redhat.com>
References: <1447275457-1415-1-git-send-email-rprebello@gmail.com>
Date: Thu, 12 Nov 2015 09:41:49 +0100
In-Reply-To: <1447275457-1415-1-git-send-email-rprebello@gmail.com> (Rodrigo
	Rebello's message of "Wed, 11 Nov 2015 18:57:37 -0200")
Message-ID: <8737wbvcc2.fsf@blackfin.pond.sub.org>
MIME-Version: 1.0
Content-Type: text/plain
Subject: Re: [Qemu-devel] [PATCH 1/1] configure: use appropriate code
	fragment for -fstack-protector checks
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Rodrigo Rebello <rprebello@gmail.com>
Cc: qemu-trivial@nongnu.org, qemu-devel@nongnu.org

Rodrigo Rebello <rprebello@gmail.com> writes:

> The check for stack-protector support consisted in compiling and linking
> the test program below (output by function write_c_skeleton()) with the
> compiler flag -fstack-protector-strong first and then with
> -fstack-protector-all if the first one failed to work:
>
>   int main(void) { return 0; }
>
> This caused false positives when using certain toolchains in which the
> compiler accepted -fstack-protector-strong but no support was provided
> by the C library, since for this stack-protector variant the compiler
> emits canary code only for functions that meet specific conditions
> (local arrays, memory references to local variables, etc.) and the code
> fragment under test included none of them (hence no stack protection
> code generated, no link failure).
>
> This fix changes the test program used for -fstack-protector checks to
> include a function that meets conditions which cause the compiler to
> generate canary code in all variants.
>
> Signed-off-by: Rodrigo Rebello <rprebello@gmail.com>
> ---
>  configure | 18 ++++++++++++++++++
>  1 file changed, 18 insertions(+)
>
> diff --git a/configure b/configure
> index 46fd8bd..c3d9592 100755
> --- a/configure
> +++ b/configure
> @@ -1486,6 +1486,24 @@ for flag in $gcc_flags; do
>  done
>  
>  if test "$stack_protector" != "no"; then
> +  cat > $TMPC << EOF
> +void foo(const char *c);
> +
> +void foo(const char *c)
> +{
> +    char arr[64], *p;
> +    for (p = arr; *c; c++, p++) {
> +        *p = *c;
> +    }
> +}
> +
> +int main(void)
> +{
> +    char c[] = "";
> +    foo(c);

Why not simply foo("")?

Could the optimizer optimize away the pattern that triggers the canary?

To protect against that possibility, we could use

int main(int argc, char *argv[])
{
    foo(argv[0]);
}

> +    return 0;
> +}
> +EOF
>    gcc_flags="-fstack-protector-strong -fstack-protector-all"
>    sp_on=0
>    for flag in $gcc_flags; do