What is the use of -fno-stack-protector?

Posted 2019-02-08 03:19

Question:

I have written an application in C, and I'm trying to understand what is the purpose of the -fno-stack-protector command when compiling. For my specific application, it makes no difference if I use this command or not in terms of protecting against buffer overflow.

I've read online that the -fstack-protector and -fno-stack-protector commands enable and disable respectively the stack-smashing protector, but if I'm compiling the application myself, how can the protector be enabled beforehand? Does the usage of the command maybe depend on what system the application is running on?

Answer 1:

In the standard/stock GCC, stack protector is off by default. However, some Linux distributions have patched GCC to turn it on by default. In my opinion, this is rather harmful, as it breaks the ability to compile anything that's not linked against the standard userspace libraries unless the Makefile specifically disables stack protector. It would even break the Linux kernel build except that the distributions with this hack added additional hacks to GCC to detect that the kernel is being built and disable it.



Answer 2:

If you compile with -fstack-protector, then there will be a little more space allocated on the stack and a little more overhead on entry to and return from a function while the code sets up the checks and then actually checks whether you've overwritten the stack while in the function.

It will make a difference to your application. If enabled, it will head off stack overflow attacks quickly. Only if you have no function calls in your code would it leave your program unaffected (and since you normally write main(), and that is a function which is called by the startup code, it would have an effect on your program). However, stack overflow attacks are not the only possible attacks that can be used, so it is not a panacea. But it is useful protection with a limited cost.

The protection does not depend on the system per se; it depends on the version of the compiler that you are using, but that's all.



Answer 3:

The stack protector is code that is generated by the compiler and placed into your program. It's not an external program or system call that is called by your program.



Answer 4:

Times when an option that matches a default compiler setting can be useful include:

  • when you're using a build system that may have a complex configuration that you want to tweak. Instead of figuring out where in a maze of makefiles it might be choosing to use -fstack-protector (for example), it may let you easily pass in additional options that simply get tacked on to the end of the list of options. If GCC sees both -fstack-protector and -fno-stack-protector in the set of options, the last one on the command line is the one that takes effect.

  • the other time this kind of thing might be handy (which doesn't seem to apply to -fstack-protector, however) is when you have an option that turns on a bunch of 'sub-options'. For example, setting -O2 turns on a slew of -fxxx optimization options, and you may want to use -O2 for the most part but don't want GCC's strict aliasing optimizations. So you can specify -fno-strict-aliasing to set that particular option back to its default setting. (Note: this case is really equivalent to the case above)



Answer 5:

There are three reasons why you may want to turn this off:

  • You're building a shared library where this may matter and other functions make assumptions about the stack.
  • You're concerned about performance.
  • You want to build vulnerable software. This very frequently happens with Capture The Flag (CTFs) and the like, as in the case if you wanted to build Protostar to demonstrate an exploit that you wouldn't otherwise be vulnerable to.