[Bug 2200] RFE: Solaris should compile Xserver and X11 applications
with -xcheck=stkovf
bugzilla-daemon@freedesktop.org
bugzilla-daemon@freedesktop.org
Mon Jan 3 08:26:12 PST 2005
Please do not reply to this email: if you want to comment on the bug, go to
the URL shown below and enter yourcomments there.
https://bugs.freedesktop.org/show_bug.cgi?id=2200
------- Additional Comments From Seongbae.Park@Sun.COM 2005-01-03 08:26 -------
Let's clarify a few things first.
-xcheck=stkovf flag protects against a stack overflow but not a buffer overflow.
The difference is that a stack overflow can occur even in a non-buggy program
that simply uses more stack space than the actual stack size, but a buffer
overflow occurs due to a program bug that sometimes can overwrite the
non-current stack frame. So compiling Xserver and X11 applications with
-xcheck=stkovf will help debugging a potential stack overflow problems, but
that's not likely to make them secure from the buffer overflow attack.
The former alone might be valuable enough to trade the performance hit of
-xcheck=stkovf, but I'm not so sure.
--
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the xorg-bugzilla-noise
mailing list