Bug 10491 - Cannot output security warning when compiled with buildroot cross compilers
Status: RESOLVED INVALID
Product: buildroot
Classification: Unclassified
Component: Other
Version: 2013.11
Hardware: All Linux
Importance: P5 critical
Reported: 2017-11-10 06:56 UTC by Jason.fang
Modified: 2017-11-11 09:18 UTC
Description Jason.fang 2017-11-10 06:56:48 UTC
I have a requirement: the executable binary must pass the check by https://github.com/slimm609/checksec.sh,

so I enabled the following build configuration for my toolchain gcc:

-D_FORTIFY_SOURCE=2  -Wl,-z,relro,-z,now -fstack-protector-all

but it didn't output any warning messages during compilation, while it properly showed warning messages when I built with the host gcc.

Below are my build logs:
=====================================

jason@linux-server:~/tmp/test$ 
jason@linux-server:~/tmp/test$ /opt/buildroot-gcc463/usr/bin/mipsel-buildroot-linux-uclibc-gcc -Wall -O2 -D_FORTIFY_SOURCE=2  -Wl,-z,relro,-z,now -fstack-protector-all -fpie -pie test.c -o testjason 

There was no warning output.

While in host x86 gcc:
jason@linux-server:~/tmp/test$ 
jason@linux-server:~/tmp/test$ gcc  -Wall -O2 -D_FORTIFY_SOURCE=2  -Wl,-z,relro,-z,now -fstack-protector-all -fpie -pie test.c -o testjason 
In file included from /usr/include/string.h:640:0,
                 from test.c:2:
In function ‘memcpy’,
    inlined from ‘main’ at test.c:28:8:
/usr/include/x86_64-linux-gnu/bits/string3.h:51:3: warning: call to __builtin___memcpy_chk will always overflow destination buffer [enabled by default]
   return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
   ^
In function ‘memset’,
    inlined from ‘main’ at test.c:35:8:
/usr/include/x86_64-linux-gnu/bits/string3.h:84:3: warning: call to __builtin___memset_chk will always overflow destination buffer [enabled by default]
   return __builtin___memset_chk (__dest, __ch, __len, __bos0 (__dest));
   ^
jason@linux-server:~/tmp/test$ 
=======================================


For building the toolchain, I enabled libssp only in the package/gcc/gcc.mk file:

HOST_GCC_COMMON_CONF_OPT = \
        --target=$(GNU_TARGET_NAME) \
        --with-sysroot=$(STAGING_DIR) \
        --disable-__cxa_atexit \
        --with-gnu-ld \
        --enable-libssp \
        --disable-multilib \
        --with-gmp=$(HOST_DIR)/usr \
        --with-mpfr=$(HOST_DIR)/usr
Comment 1 Arnout Vandecappelle 2017-11-11 09:18:48 UTC
The warning you are looking for is supposed to be triggered by -D_FORTIFY_SOURCE=2.

Fortify is a bit special: it requires support both in the compiler and in libc. GCC has had this support since 4.0, but uClibc and musl don't have support for Fortify at all. Thus, there is no way that -D_FORTIFY_SOURCE=2 is going to work with uClibc.

When support for Fortify lands in core Buildroot, it will depend on a glibc toolchain.

See also the discussion in http://patchwork.ozlabs.org/patch/830253/
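
One way to check the outcome described in Comment 1 on a finished binary, as an added example that is not part of the bug report or of Buildroot: classify the imports listed by `nm -D --undefined-only` (use the cross toolchain's nm for a target binary). The function names, the list of fortifiable functions and the sample listings are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Input: the text printed by  nm -D --undefined-only <binary>

# Assumed subset of libc functions that have a __<name>_chk variant.
FORTIFIABLE="memcpy memmove memset strcpy strncpy strcat strncat sprintf snprintf"

# Read nm output on stdin, print "fortified=N plain=M".
fortify_summary() {
    awk -v list="$FORTIFIABLE" '
        BEGIN { n = split(list, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        {
            sym = $NF
            sub(/@.*/, "", sym)   # strip a version suffix such as @GLIBC_2.3.4
            # __stack_chk_fail comes from -fstack-protector, not from fortify;
            # it does not end in _chk, so the anchored pattern skips it.
            if (sym ~ /^__[a-z0-9_]+_chk$/) fortified++
            else if (sym in want) plain++
        }
        END { printf "fortified=%d plain=%d\n", fortified, plain }
    '
}

# Map the summary to a verdict.
fortify_verdict() {
    case "$(fortify_summary)" in
        "fortified=0 plain=0") echo "no-candidates" ;;
        fortified=0\ *)        echo "not-fortified" ;;
        *)                     echo "fortified" ;;
    esac
}

# Constructed sample listings (not taken from the binaries in this report).
sample_glibc() {
cat <<'EOF'
                 U __memcpy_chk@GLIBC_2.3.4
                 U __memset_chk@GLIBC_2.3.4
                 U __stack_chk_fail@GLIBC_2.4
                 U puts@GLIBC_2.2.5
EOF
}
sample_uclibc() {
cat <<'EOF'
         U memcpy
         U memset
         U __stack_chk_fail
EOF
}
echo "glibc sample:  $(sample_glibc | fortify_verdict)"
echo "uclibc sample: $(sample_uclibc | fortify_verdict)"
```

A plain import on its own does not prove a missing check, because the compiler emits the unchecked call whenever it can prove the copy fits or cannot determine the destination size; a listing with no `_chk` imports at all is the signal to look at the libc.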