On Thu, 3 Jul 2025, Igor Kostenko wrote:

Hi LIU Hao,
I've borrowed the term 'canary' from the few documentation bits.
https://www.redhat.com/en/blog/security-technologies-stack-smashing-protection-stackguard
https://lwn.net/Articles/584225/
https://wiki.osdev.org/Stack_Smashing_Protector
But I used it too loosely.

The updated patch is below:

---

From 6ea065be6a832a8359b77c373521a0bcbbfa85d6 Mon Sep 17 00:00:00 2001
From: Igor Kostenko <work.ker...@gmail.com>
Date: Thu, 3 Jul 2025 19:02:20 +0200
Subject: [PATCH v2] crt/ssp: disable premature stack protection at canary
init

Fix stack protection bootstrapping issue where the canary initialization
function itself triggers false positive stack overflow detection.

Changes in v2:
- Shorten init function definition
- Rewrite the description

Signed-off-by: Igor Kostenko <work.ker...@gmail.com>
---
mingw-w64-crt/ssp/stack_chk_guard.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

If I understand things correctly - this is an issue if you compile this file (or the whole mingw-w64-crt) with -fstack-protector-strong or similar - which would explain why others haven't run into it so far. Is that right?

That's quite relevant context here, which should be pointed out in the commit message.

Other than that, the change looks reasonable (but I haven't tested it).

// Martin



_______________________________________________
Mingw-w64-public mailing list
Mingw-w64-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mingw-w64-public
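
The bootstrapping problem discussed in this thread, modelled in plain C as an added example; it is not code from the messages or from the mingw-w64 patch. It imitates the entry copy and exit comparison that a compiler adds to a function built with -fstack-protector-strong, and shows why a guard-initialising function that is itself instrumented fails its own check. All names (`model_guard`, `frame_t`, `init_instrumented` and so on) and values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of the global guard word. It holds a fixed placeholder until the
 * init routine replaces it with a run-time value (constructed values). */
static uintptr_t model_guard = 0xAAAAAAAAu;

/* What the compiler conceptually adds to a protected function: copy the
 * guard into the frame on entry, compare it with the global on exit. */
typedef struct { uintptr_t saved_guard; } frame_t;

static void on_entry(frame_t *f) { f->saved_guard = model_guard; }
static int exit_check_passes(const frame_t *f) { return f->saved_guard == model_guard; }

/* Init routine built WITH instrumentation: the entry copy is taken before
 * the guard changes, so the exit comparison fails although nothing was
 * overwritten. Returns 0 where real code would call __stack_chk_fail. */
int init_instrumented(uintptr_t fresh_value)
{
    frame_t f;
    on_entry(&f);
    model_guard = fresh_value;
    return exit_check_passes(&f);
}

/* Init routine built WITHOUT instrumentation: no entry copy, no exit check. */
int init_uninstrumented(uintptr_t fresh_value)
{
    model_guard = fresh_value;
    return 1;
}

/* Any protected function that runs after init sees a stable guard. */
int protected_call_after_init(void)
{
    frame_t f;
    on_entry(&f);
    return exit_check_passes(&f);
}

int main(void)
{
    printf("instrumented init passes own check: %d\n", init_instrumented(0x1234u));
    printf("uninstrumented init passes:         %d\n", init_uninstrumented(0x5678u));
    printf("protected call after init passes:   %d\n", protected_call_after_init());
    return 0;
}
```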
