• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Xcode 3 Supports Stack Canaries
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Xcode 3 Supports Stack Canaries

  • Subject: Re: Xcode 3 Supports Stack Canaries
  • From: Chris Espinosa <email@hidden>
  • Date: Mon, 3 Dec 2007 17:02:24 -0800
On Dec 3, 2007, at 4:51 PM, Michael Crawford wrote:

I thought I should point out  a gcc feature that's new in XCode 3:
Stack Canaries.  I learned about them just now in a discussion of
security on Slashdot.  I don't recall them ever being mentioned in any
of the Xcode release notes.

A Stack Canary is a bit of data with a known value that's added to a
stack frame when it's entered, and checked just before function
return.  If the value has been changed, a message is printed and the
program exits.

This can protect against buffer overflow attacks on stack variables.

The name comes from the use of real canaries in mines to warn miners
of toxic gases; canaries are more sensitive to them than humans are,
so a passed-out canary can save lives.

To use Stack Canaries, add the -fstack-protector flag to your GCC
command line.  In an Xcode project, add that to your "other C flags"
or "Other C++ flags" in the build settings.  See "man gcc" for more
information.

They are explained in detail at
http://en.wikipedia.org/wiki/Stack-smashing_protection

The article claims that they have a very minimal performance impact;
they'll add a small amount to function call overhead, but on today's
processors that would be quite miniscule.

One thing I'd like to see is a way to override the function that
prints the message and exits, so that one can show an alert instead,
and possibly try to save the user's document.

Stack canaries, as you can see from the above, are supported in the gcc compiler but there's no explicit UI for them in Xcode's project interface or debugger. We expect that in the future, but you can still use the feature in Xcode 3.0 on Leopard.

Session 109 at WWDC (available online to ADR members) described this technique,but otherwise, the only documentation is in that obscure, hidden place known as the man page for the compiler:

       -fstack-protector
           Emit extra code to check for buffer overflows, such as stack
           smashing attacks.  This is done by adding a guard variable to
           functions with vulnerable objects.  This includes functions that
           call alloca, and functions with buffers larger than 8 bytes.  The
           guards are initialized when a function is entered and then checked
           when the function exits.  If a guard check fails, an error message
           is printed and the program exits.

       -fstack-protector-all
           Like -fstack-protector except that all functions are protected.



 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Xcode 3 Supports Stack Canaries
      • From: glenn andreas <email@hidden>
    • Re: Xcode 3 Supports Stack Canaries
      • From: "Sean McBride" <email@hidden>
References: 
 >XCode 3 Supports Stack Canaries (From: "Michael Crawford" <email@hidden>)

  • Prev by Date: Re: Leopard xCode 2.5 Libtool build error
  • Next by Date: Re: Problem building for 10.2.8 under Leopard
  • Previous by thread: XCode 3 Supports Stack Canaries
  • Next by thread: Re: Xcode 3 Supports Stack Canaries
  • Index(es):
    • Date
    • Thread