Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-16998

gcc-toolset-13-gcc: gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 [rhel-9]

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Undefined Undefined
    • rhel-9.4
    • rhel-9.3.0
    • gcc-toolset-13-gcc
    • None
    • gcc-toolset-13-gcc-13.2.1-5.el9
    • sst_pt_gcc
    • ssg_platform_tools
    • 15
    • 20
    • 1
    • False
    • Hide

      None

      Show
      None
    • Yes
    • None
    • Enhancement
    • Hide
      .GCC Toolset 13: Compiling with GCC and the `-fstack-protector` flag no longer fails to guard dynamic stack allocations on 64-bit ARM

      Previously, on the 64-bit ARM architecture, the GCC compiler with the `-fstack-protector` flag failed to detect a buffer overflow in functions containing a C99 variable-length array or an `alloca()`-allocated object. Consequently, an attacker could overwrite saved registers on the stack. With this update, the buffer overflow detection on 64-bit ARM has been fixed. As a result, applications compiled with GCC are more secure.
      Show
      .GCC Toolset 13: Compiling with GCC and the `-fstack-protector` flag no longer fails to guard dynamic stack allocations on 64-bit ARM Previously, on the 64-bit ARM architecture, the GCC compiler with the `-fstack-protector` flag failed to detect a buffer overflow in functions containing a C99 variable-length array or an `alloca()`-allocated object. Consequently, an attacker could overwrite saved registers on the stack. With this update, the buffer overflow detection on 64-bit ARM has been fixed. As a result, applications compiled with GCC are more secure.
    • Done
    • None

      Backport https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=b96e66fd4ef3e36983969fb8cdd1956f551a074b and its related patches and mention that in the GCC Toolset 13.1 Release Notes.

            mpolacek@redhat.com Marek Polacek
            mpolacek@redhat.com Marek Polacek
            Marek Polacek Marek Polacek
            Vaclav Kadlcik Vaclav Kadlcik
            Jacob Valdez Jacob Valdez
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: