Stack protection
QNX SDP8.0QNX OS System Security GuideAPIConfiguration
Stack cookies provide protection against stack buffer overflow on stack-allocated variables, preventing program misbehaviours.
They are enabled by any of the following compiler options:
- -fstack-protector
- Protects any function that declares a character array of eight bytes or more in length on its stack.
- -fstack-protector-all
- Protects all functions.
- -fstack-protector-strong
- Balanced between -fstack-protector and -fstack-protector-all, the purpose of this option is to gain performance while sacrificing little security by broadening the scope of the stack protection without extending it to every function in the program.
Binaries built for QNX OS are built with a non-executable stack by default. The stack’s executable state is found in a QNX-specific ELF note of type QNT_STACK.
The following example command checks the executable state of the less utility:
$ elfnote -t QNT_STACK -p less
QNX specific note (name = QNX, type = 3)
type : QNT_STACK
stacksize : 0
stackalloc : 4096
executable : no
hex : 000000000010000001000000
For more information on QNX OS note types, see the elfnote entry in the Utilities Reference.
You can use the qchecksec utility to determine both whether stack cookies are enabled for a binary and a stack's executable state. See the qchecksec entry in the Utilities Reference.
Page updated: