[Bug java/82263] New: java multilib -m32 version is using 64 bit include and lib, _GStaticAssertCompileTimeAssertion_0
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82263

            Bug ID: 82263
           Summary: java multilib -m32 version is using 64 bit include and lib, _GStaticAssertCompileTimeAssertion_0
           Product: gcc
           Version: 6.4.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: java
          Assignee: unassigned at gcc dot gnu.org
          Reporter: gccbugzilla.severach at spamgourmet dot com
  Target Milestone: ---

Snapshot 6-20170913 fixed all glibc 2.26 issues except for the -m32 multilib version of the java compiler. It halts with

/usr/include/glib-2.0/glib/gmacros.h:232:53: error: size of array ‘_GStaticAssertCompileTimeAssertion_0’ is negative

This is because it is including a 64 bit /usr/lib/glib-2.0/include/glibconfig.h. I can patch the makefile to get it to use the 32 bit /usr/lib32/glib-2.0/include/glibconfig.h which completes the compile then crashes on linking to the 64 bit libs.

$ pacman -Q gcc-multilib glibc
gcc-multilib 7.2.0-1
glibc 2.26-4

$ gcc -v
Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-pc-linux-gnu/7.2.0/lto-wrapper
Target: x86_64-pc-linux-gnu
Configured with: /build/gcc-multilib/src/gcc/configure --prefix=/usr --libdir=/usr/lib --libexecdir=/usr/lib --mandir=/usr/share/man --infodir=/usr/share/info --with-bugurl=https://bugs.archlinux.org/ --enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++ --enable-shared --enable-threads=posix --enable-libmpx --with-system-zlib --with-isl --enable-__cxa_atexit --disable-libunwind-exceptions --enable-clocale=gnu --disable-libstdcxx-pch --disable-libssp --enable-gnu-unique-object --enable-linker-build-id --enable-lto --enable-plugin --enable-install-libiberty --with-linker-hash-style=gnu --enable-gnu-indirect-function --enable-multilib --disable-werror --enable-checking=release --enable-default-pie --enable-default-ssp
Thread model: posix
gcc version 7.2.0 (GCC)
[Bug java/82263] java multilib -m32 version is using 64 bit include and lib, _GStaticAssertCompileTimeAssertion_0
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82263

--- Comment #2 from Chris Severance ---
I'm building gcc 6.4.1 6-20170913 with gcc 7.2.0. The -m32 version of java does not build.
[Bug c/81400] New: Stack smashing not caught by stack protector strong and allowing me to stack smash
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81400

            Bug ID: 81400
           Summary: Stack smashing not caught by stack protector strong and allowing me to stack smash
           Product: gcc
           Version: 7.1.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: c
          Assignee: unassigned at gcc dot gnu.org
          Reporter: gccbugzilla.severach at spamgourmet dot com
  Target Milestone: ---

Created attachment 41720
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=41720&action=edit
Stack smash demo

I've made up some simple cases where stack smashing is not being caught. In one case -fstack-protector-strong prevents a seg fault and allows me to stack smash unchallenged.

The demo is attached as a .tgz. Though this is against the rules, the bug system doesn't allow me to submit the multiple files requested any other way. Consider this a bug report that the bug writing guidelines should be changed to "we require a .tar .tgz .zip of the files to be submitted" or the bug tracker needs to accept multiple files.
[Bug middle-end/81400] Stack smashing not caught by stack protector strong and allowing me to stack smash
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81400

--- Comment #3 from Chris Severance ---
Unless there's a security reason 0 should never be used as a canary value. Errant \0 should be caught 100% of the time. When I built malloc canaries for NPPTextFX I expressly avoided \0.

data[SMASH_ALIGN]='f' should be caught by bounds checking or a shadow stack, not ssp. It doesn't overwrite any canaries. It only writes to icanary which is my canary, not a gcc canary. The only time it should be caught by ssp is when icanary is disabled and it overwrites CNRY at the top of the stack.

For debug builds canaries should be placed between every stack variable and in the unused space of aligned but undersized variables. Is there such an option?
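
The zero-byte question raised in comment #3, as an added example that is not part of the report or its attachment: a simulated frame in which a stray \0 landing on a guard byte that is already zero passes the compare, while that same zero byte is what stops a strlen-style read from walking over the guard. The frame layout, the guard bytes and the function names are constructed for illustration and are not gcc's or glibc's.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 8
#define GUARD_LEN 8

/* Simulated frame: a local buffer with the guard directly above it. */
struct frame {
    unsigned char buf[BUF_LEN];
    unsigned char guard[GUARD_LEN];
};

/* Constructed sample guards (not real values); they differ only in byte 0. */
static const unsigned char ZERO_FIRST[GUARD_LEN] =
    {0x00, 0x5a, 0xc3, 0x91, 0x7e, 0x24, 0xb8, 0x6d};
static const unsigned char NONZERO[GUARD_LEN] =
    {0x3f, 0x5a, 0xc3, 0x91, 0x7e, 0x24, 0xb8, 0x6d};

/* Write one byte at `offset` from the start of the frame, then do the
 * epilogue-style compare. Returns 1 if the guard no longer matches. */
int stray_write_detected(const unsigned char *guard, size_t offset, unsigned char v)
{
    struct frame f;
    if (offset >= sizeof f)
        return -1;                      /* keep the model inside the struct */
    memset(f.buf, 'A', BUF_LEN);
    memcpy(f.guard, guard, GUARD_LEN);
    ((unsigned char *)&f)[offset] = v;
    return memcmp(f.guard, guard, GUARD_LEN) != 0;
}

/* Guard bytes a strlen-style read walks over when buf has no terminator. */
size_t guard_bytes_exposed(const unsigned char *guard)
{
    struct frame f;
    memset(f.buf, 'A', BUF_LEN);
    memcpy(f.guard, guard, GUARD_LEN);
    const unsigned char *nul = memchr(&f, 0, sizeof f);
    size_t run = nul ? (size_t)(nul - (const unsigned char *)&f) : sizeof f;
    return run - BUF_LEN;
}

int main(void)
{
    printf("stray NUL detected, zero-first guard: %d\n", stray_write_detected(ZERO_FIRST, BUF_LEN, 0));
    printf("stray NUL detected, nonzero guard:    %d\n", stray_write_detected(NONZERO, BUF_LEN, 0));
    return 0;
}
```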