mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-11 17:04:19 +01:00
d03c587ffa
so we cannot compile it with -fstack-protector[-all] flags (or it will self-recurse); this is ensured in sys/conf/files. This OTOH means that checking for defines __SSP__ and __SSP_ALL__ to determine if we should be compiling the support is impossible (which it was trying, resulting in an empty object file). Fix this by always compiling the symbols in this files. It's good because it allows us to always have SSP support, and then compile with SSP selectively. Repoted by: tinderbox
33 lines
766 B
C
33 lines
766 B
C
#include <sys/cdefs.h>
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
#include <sys/types.h>
|
|
#include <sys/param.h>
|
|
#include <sys/kernel.h>
|
|
#include <sys/systm.h>
|
|
#include <sys/libkern.h>
|
|
|
|
long __stack_chk_guard[8] = {};
|
|
void __stack_chk_fail(void);
|
|
|
|
void
|
|
__stack_chk_fail(void)
|
|
{
|
|
|
|
panic("stack overflow detected; backtrace may be corrupted");
|
|
}
|
|
|
|
#define __arraycount(__x) (sizeof(__x) / sizeof(__x[0]))
|
|
static void
|
|
__stack_chk_init(void *dummy __unused)
|
|
{
|
|
size_t i;
|
|
long guard[__arraycount(__stack_chk_guard)];
|
|
|
|
arc4rand(guard, sizeof(guard), 0);
|
|
for (i = 0; i < __arraycount(guard); i++)
|
|
__stack_chk_guard[i] = guard[i];
|
|
}
|
|
/* SI_SUB_EVENTHANDLER is right after SI_SUB_LOCK used by arc4rand() init. */
|
|
SYSINIT(stack_chk, SI_SUB_EVENTHANDLER, SI_ORDER_ANY, __stack_chk_init, NULL);
|