1@node Overflow Protection 2@chapter Overflow Protection 3 4@menu 5* Stack Smashing Protection:: Checks enabled with -fstack-protector* 6* Object Size Checking:: Checks enabled with _FORTIFY_SOURCE 7@end menu 8 9@node Stack Smashing Protection 10@section Stack Smashing Protection 11Stack Smashing Protection is a compiler feature which emits extra code 12to check for stack smashing attacks. It depends on a canary, which is 13initialized with the process, and functions for process termination when 14an overflow is detected. These are private entry points intended solely 15for use by the compiler, and are used when any of the @code{-fstack-protector}, 16@code{-fstack-protector-all}, @code{-fstack-protector-explicit}, or 17@code{-fstack-protector-strong} compiler flags are enabled. 18 19@node Object Size Checking 20@section Object Size Checking 21Object Size Checking is a feature which wraps certain functions with checks 22to prevent buffer overflows. These are enabled when compiling with 23optimization (@code{-O1} and higher) and @code{_FORTIFY_SOURCE} defined 24to 1, or for stricter checks, to 2. 25 26@cindex list of overflow protected functions 27The following functions use object size checking to detect buffer overflows 28when enabled: 29 30@example 31@exdent @emph{String functions:} 32bcopy memmove strcpy 33bzero mempcpy strcat 34explicit_bzero memset strncat 35memcpy stpcpy strncpy 36 37@exdent @emph{Wide Character String functions:} 38fgetws wcrtomb wcsrtombs 39fgetws_unlocked wcscat wmemcpy 40mbsnrtowcs wcscpy wmemmove 41mbsrtowcs wcsncat wmempcpy 42wcpcpy wcsncpy wmemset 43wcpncpy wcsnrtombs 44 45@exdent @emph{Stdio functions:} 46fgets fread_unlocked sprintf 47fgets_unlocked gets vsnprintf 48fread snprintf vsprintf 49 50@exdent @emph{Stdlib functions:} 51mbstowcs wcstombs wctomb 52 53@exdent @emph{System functions:} 54getcwd read ttyname_r 55pread readlink 56 57@end example 58
