zongyuwu

Reputation: 355

gcc -fno-stack-protector for linking not work

My gcc version : gcc version 4.8.2 (Ubuntu 4.8.2-19ubuntu1)

the following is my makefile

all : main.o utility.o
	gcc -fno-stack-protector -Wl,-z,execstack -o binary main.o utility.o -lcrypto
main.o : main.c
	gcc -z execstack -fno-stack-protector main.c -c
utility.o : utility.c
	gcc  -z execstack -fno-stack-protector utility.c -c

The files utility.o and main.o do not have a stack guard, but after linking there are some stack guard calls:

objdump -D binary | grep chk
080488d0 <__stack_chk_fail@plt>:
 8048e30:   e8 9b fa ff ff          call   80488d0 <__stack_chk_fail@plt>
 80494dd:   e8 ee f3 ff ff          call   80488d0 <__stack_chk_fail@plt>
 80498e2:   e8 e9 ef ff ff          call   80488d0 <__stack_chk_fail@plt>
 8049b92:   e8 39 ed ff ff          call   80488d0 <__stack_chk_fail@plt>
 8049c9e:   e8 2d ec ff ff          call   80488d0 <__stack_chk_fail@plt>
 8049da2:   e8 29 eb ff ff          call   80488d0 <__stack_chk_fail@plt>
 804a137:   e8 94 e7 ff ff          call   80488d0 <__stack_chk_fail@plt>

How to disable it?

Upvotes: 0

Views: 2229

Answers (1)

Employed Russian

Reputation: 213935

the following is my makefile
gcc -z execstack -fno-stack-protector main.c -c

That command is bogus; if anything it should have -Wl,-z,execstack. However, since that's a linker option, and you are not linking here, best to remove -z execstack completely.

But after linking there are some stack guard

The calls to __stack_chk_fail must be coming from some code linked into your binary. Perhaps from libcrypto.a, or from libgcc.a. You can see where they are coming from, in two ways:

gcc -fno-stack-protector -Wl,-z,execstack -o binary main.o utility.o \
 -lcrypto -Wl,-y,__stack_chk_fail

will produce messages like this:

/some/libfoo.a(bar.o): reference to __stack_chk_fail  # you care about this one!
/usr/lib/libc.so.6: definition of __stack_chk_fail

Or you can use the binary you already built:

objdump -d binary | egrep '>:$|__stack_chk_fail' | grep -B1 __stack_chk_fail

That should tell you which functions inside the binary reference __stack_chk_fail, and from that you should be able to guess where these functions are coming from.

P.S. Unless you are studying buffer overflow exploitation techniques, disabling stack protector and linking with -z,execstack is a really bad idea.

Upvotes: 2
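The second method in the answer (grep the disassembly and look one line back for the enclosing symbol) works when the call sits right under the function header, but it misses cases where other lines sit between the header and the call. The following is an added example, not from the asker or the answerer: a small shell function that reads `objdump -d` output on stdin and prints each function that calls __stack_chk_fail, skipping the PLT stub itself. The disassembly fed to it is a constructed sample written for this demonstration, not output from the asker's binary.

```shell
# Added example: list every function in `objdump -d` output that calls
# __stack_chk_fail. Reads the disassembly on stdin, prints one name per line.
stack_chk_callers() {
    awk '
        # A line like "08048e10 <vuln>:" starts a new function; remember its name.
        /^[0-9a-f]+ <[^>]+>:$/ {
            fn = $2
            sub(/^</, "", fn); sub(/>:$/, "", fn)
            next
        }
        # Any instruction inside a non-PLT function that names the symbol counts
        # as a reference; print each function once.
        /__stack_chk_fail/ && fn != "" && fn !~ /@plt$/ && !seen[fn]++ { print fn }
    '
}

# Constructed sample disassembly (not real output) with three functions:
# "vuln" and "main" reference the canary check, "safe" does not.
SAMPLE_OBJDUMP='
080488d0 <__stack_chk_fail@plt>:
 80488d0:   ff 25 1c a0 04 08       jmp    *0x804a01c

08048e10 <vuln>:
 8048e10:   55                      push   %ebp
 8048e11:   89 e5                   mov    %esp,%ebp
 8048e30:   e8 9b fa ff ff          call   80488d0 <__stack_chk_fail@plt>

08048e50 <safe>:
 8048e50:   55                      push   %ebp
 8048e51:   c3                      ret

08049480 <main>:
 8049480:   55                      push   %ebp
 80494dd:   e8 ee f3 ff ff          call   80488d0 <__stack_chk_fail@plt>
 80494f0:   e8 db f3 ff ff          call   80488d0 <__stack_chk_fail@plt>
'

# Run the function over the constructed sample; on a real binary use:
#   objdump -d binary | stack_chk_callers
demo() {
    printf '%s\n' "$SAMPLE_OBJDUMP" | stack_chk_callers
}

demo
```

Once the offending functions are named, the linker-side check from the answer (`-Wl,-y,__stack_chk_fail`, i.e. `--trace-symbol`) tells you which object or archive member they came from; if they belong to a library such as libcrypto, the only way to get rid of them is to rebuild that library with -fno-stack-protector, since the flag only affects code you compile yourself.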
