You copied the Doc URL to your clipboard.

--protect_stack, --no_protect_stack

The option --protect_stack inserts a guard variable onto the stack frame for each vulnerable function. The guard variable is inserted between any buffers and the return address entry.

A function is considered vulnerable if it contains a vulnerable array. A vulnerable array is one that:

  • has automatic storage duration

  • has a character type (char or wchar_t).

In addition to inserting the guard variable and check, the compiler also moves vulnerable arrays to the top of the stack, immediately preceding the guard variable. The compiler stores Aa copy of the guard variable’s value at another location, and uses the copy to check that the guard has not been overwritten, indicating a buffer overflow.

Usage

Use --protect_stack to enable the stack protection feature. Use --no_protect_stack to explicitly disable this feature. If both options are specified, the last option specified takes effect.

The --protect_stack_all option adds this protection to all functions regardless of their vulnerability.

With stack protection, when a vulnerable function is called, the initial value of its guard variable is taken from a global variable:

void *__stack_chk_guard;

You must provide this variable with a suitable value, such as a random value. The value can change during the life of the program. For example, a suitable implementation might be to have the value constantly changed by another thread. In addition, you must implement this function:

void __stack_chk_fail(void);

It is called by the checking code on detection of corruption of the guard. In general, such a function would exit, possibly after reporting a fault.

For consistency with GNU tools, the option -fstack-protector is treated identically to --protect-stack. Similarly, the -fstack-protector-all option is treated identically to --protect_stack_all.

Example

In the following function, the array buf is vulnerable and the function is protected when compiled with --protect-stack:

void copy(const char *p)
{
    char buf[4];
    strcpy(buf, p);
}

Default

The default is --no_protect_stack.