summaryrefslogtreecommitdiff
path: root/sys-devel/base-gcc/files/pro-police-docs.patch
blob: 091ea44ef0d71143bb967c9fd2f01d19aee96882 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
Index: gcc/doc/invoke.texi
===================================================================
RCS file: /cvsroot/gcc/gcc/gcc/doc/invoke.texi,v
retrieving revision 1.364
diff -c -3 -p -r1.364 invoke.texi
*** gcc/doc/invoke.texi	21 Nov 2003 11:42:58 -0000	1.364
--- gcc/doc/invoke.texi	22 Nov 2003 08:12:35 -0000
*************** in the following sections.
*** 228,234 ****
  -Wno-multichar  -Wnonnull  -Wpacked  -Wpadded @gol
  -Wparentheses  -Wpointer-arith  -Wredundant-decls @gol
  -Wreturn-type  -Wsequence-point  -Wshadow @gol
! -Wsign-compare  -Wstrict-aliasing @gol
  -Wswitch  -Wswitch-default  -Wswitch-enum @gol
  -Wsystem-headers  -Wtrigraphs  -Wundef  -Wuninitialized @gol
  -Wunknown-pragmas  -Wunreachable-code @gol
--- 228,234 ----
  -Wno-multichar  -Wnonnull  -Wpacked  -Wpadded @gol
  -Wparentheses  -Wpointer-arith  -Wredundant-decls @gol
  -Wreturn-type  -Wsequence-point  -Wshadow @gol
! -Wsign-compare  -Wstack-protector  -Wstrict-aliasing @gol
  -Wswitch  -Wswitch-default  -Wswitch-enum @gol
  -Wsystem-headers  -Wtrigraphs  -Wundef  -Wuninitialized @gol
  -Wunknown-pragmas  -Wunreachable-code @gol
*************** in the following sections.
*** 681,686 ****
--- 681,687 ----
  -fshort-double  -fshort-wchar @gol
  -fverbose-asm  -fpack-struct  -fstack-check @gol
  -fstack-limit-register=@var{reg}  -fstack-limit-symbol=@var{sym} @gol
+ -fstack-protector  -fstack-protector-all @gol
  -fargument-alias  -fargument-noalias @gol
  -fargument-noalias-global  -fleading-underscore @gol
  -ftls-model=@var{model} @gol
*************** effectively.  Often, the problem is that
*** 3014,3019 ****
--- 3015,3024 ----
  complex; GCC will refuse to optimize programs when the optimization
  itself is likely to take inordinate amounts of time.
  
+ @item -Wstack-protector
+ @opindex Wstack-protector
+ Warn when not issuing stack smashing protection for some reason
+ 
  @item -Werror
  @opindex Werror
  Make all warnings into errors.
*************** and grows downwards, you can use the fla
*** 11474,11479 ****
--- 11479,11502 ----
  @option{-fstack-limit-symbol=__stack_limit} and
  @option{-Wl,--defsym,__stack_limit=0x7ffe0000} to enforce a stack limit
  of 128KB@.  Note that this may only work with the GNU linker.
+ 
+ @item -fstack-protector
+ @item -fstack-protector-all
+ @opindex fstack-protector
+ @opindex fstack-protector-all
+ @opindex fno-stack-protector
+ Generate code to protect an application from a stack smashing
+ attack. The features are (1) the insertion of random value next to the
+ frame pointer to detect the integrity of the stack, (2) the reordering
+ of local variables to place buffers after pointers to avoid the
+ corruption of pointers that could be used to further corrupt arbitrary
+ memory locations, (3) the copying of pointers in function arguments to
+ an area preceding local variable buffers to prevent the corruption of
+ pointers that could be used to further corrupt arbitrary memory
+ locations, and the (4) omission of instrumentation code from some
+ functions to decrease the performance overhead.  If the integrity
+ would be broken, the program is aborted.  If no-stack-protector is
+ specified, instrumentation codes are generated at every functions.
  
  @cindex aliasing of parameters
  @cindex parameters, aliased