gcc warning : not protecting function: no buffer at least 8 bytes long

compiling tor-0.2.2.17-alpha with --gcc-hardening --linker-hardening

http://pastebin.ca/1958264

occurs on both debian etch and ubuntu 10.04

Trac:
Username: keb

added --gcc-hardening --linker-hardening component::core tor/tor debian priority::medium reporter::keb resolution::fixed status::closed type::defect labels

Interesting. I wonder if the warning is bogus.
It happens because we do this:
  char hdr[VAR_CELL_HEADER_SIZE]; where VAR_CELL_HEADER_SIZE is 5

In theory we're setting stack-protector-all, so this warning should not happen.

Trac:
Username: keb

bug.txt

log of configure and make

Trac:
Username: keb

http://stackoverflow.com/questions/1629685/when-and-how-to-use-gccs-stack-protection-feature has a workaround and a switch to disable the warning.

Well, we're using

  if test x$have_gcc42 = xyes ; then?
    # These warnings break gcc 4.0.2 and work on gcc 4.2
    # XXXX020 Use -fstack-protector.
    # XXXX020 See if any of these work with earlier versions.
    CFLAGS="$CFLAGS -Waddress -Wmissing-noreturn -Wnormalized=id -Woverride-init -Wstrict-overflow=1 --param ssp-buffer-size=1"
    # We used to use -Wstrict-overflow=5, but that breaks us heavily under 4.3.
  fi

Looks like we need to carefully evaluate which options to use depending on the compiler's version.

on ubuntu it is gcc (Ubuntu 4.4.3-4ubuntu5) 4.4.3 on debian it is gcc (GCC) 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)

Trac:
Username: keb

What's that "--param ssp-buffer-size=1" doing there? It's not a warning option, it's a compilation option, and that code is code to add extra warnings when building with --enable-gcc-warnings , right?

Hah. You're right. We never saw this because we always compile with --enable-gcc-warnings.

Needs a backport to 0.2.2. We should still sort out the XXX there

branch bug2031 in my repo has a fix. It is based on 0.2.2, but also merges cleanly into master.

Trac:
Status: new to needs_review

Merged to 0.2.2 and master.

Trac:
Status: needs_review to closed
Resolution: N/A to fixed

Trac:
Component: Tor Client to Tor

closed

moved to tpo/core/tor#2031 (closed)