Bug 6026 - -Wstrict-overflow and -Wtrampolines should be part of standard CFLAGS
Summary: -Wstrict-overflow and -Wtrampolines should be part of standard CFLAGS
Status: NEW
Alias: None
Product: uClibc
Classification: Unclassified
Component: Other (show other bugs)
Version: unspecified
Hardware: All Linux
: P5 minor
Target Milestone: ---
Assignee: unassigned
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-03-02 19:28 UTC by Jeffrey Walton
Modified: 2015-06-03 01:29 UTC (History)
2 users (show)

See Also:
Host:
Target:
Build:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jeffrey Walton 2013-03-02 19:28:21 UTC 
-Wstrict-overflow and -Wtrampolines are great choices for warning options, and its good to see they show up with '

-Wstrict-overflow warns about optimizations taken due to overflow. That means code could be potentially removed due to undefined behavior. Undefined behavior is probably an unintentional error, so the programmer should receive a warning. -Wstrict-overflow should be enabled by default regardless of kconfig wishes.

-Wtrampolines are an important warning because they are mutually exclusive with no-exec stacks. The project currently specifies -Wa,noexecstack (and possible -z,noexecstack), so it appears the project is taking a good defensive position. Unfortunately, a trampoline will cause the silent loss of a no-exec stack. -Wtrampolines should be enabled by default regardless of kconfig wishes.

-Wstrict-overflow is available for non-ancient GCC, while -Wtrampolines is available in GCC 4.3 and above.

For auditing no-exe stacks, Tobias Klien has a neat little tool called Checksec (http://www.trapkit.de/tools/checksec.html). For manual auditing, use readelf:

  $ readelf -l <module> | grep -A 1 -i GNU_STACK

Note: the stack segment must be marked RW (not RWE), *and* it must be 0 size. Otherwise, you don't have a no-exec stack.