-fno -fno -fno stack protection

Sat, 01 Jan 2011 11:46:54 +0000

2 days straight now on IRC (##security on irc.freenode.net if you want to say hi) I have had to help someone compiling a program deal with it failing mid-stream. This is especially prevalent on security packages like fuzzers and such. First, what is stack protection?

Buffer Overflow Protection

In software, a stack buffer overflow occurs when a program writes to a memory address on the program’s call stack outside of the intended data structure; usually a fixed length buffer.^[1]^[2] Stack buffer overflow bugs are caused when a program writes more data to a buffer located on the stack than there was actually allocated for that buffer. This almost always results in corruption of adjacent data on the stack, and in cases where the overflow was triggered by mistake, will often cause the program to crash or operate incorrectly. This type of overflow is part of the more general class of programming bugs known as buffer overflows.^[1]

-Fno on

-fno -fno -fno stack protection