[cadcdev-svn-commits] [SCM] branch master updated. v2.0.0-1405-gda8b487f

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "A pseudo Operating System for the Dreamcast.".

The branch, master has been updated
       via  da8b487f97bc72ee11e601f5513eff6970ecae95 (commit)
      from  e0b462e01dfe24cd573fd63c705d8e1300ec7cba (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit da8b487f97bc72ee11e601f5513eff6970ecae95
Author: Falco Girgis <gyr...@gm...>
Date:   Tue May 21 08:55:30 2024 -0500

    Stack Protector environ.sh Option + Example Tweak (#580)
    
    * Fixed up stackprotector example to work with LTO.
    
    And to eventually be usable as an automated test which has its return
    value examined.
    
    * Added environ config option for stack protector.

-----------------------------------------------------------------------

Summary of changes:
 doc/environ.sh.sample                              | 11 +++++++++
 .../basic/stackprotector/stackprotector.c          | 27 ++++++++++++++++------
 kernel/arch/dreamcast/include/arch/stack.h         |  2 +-
 3 files changed, 32 insertions(+), 8 deletions(-)

diff --git a/doc/environ.sh.sample b/doc/environ.sh.sample
index b2d26752..0c6347b1 100644
--- a/doc/environ.sh.sample
+++ b/doc/environ.sh.sample
@@ -143,6 +143,17 @@ export KOS_CFLAGS="${KOS_CFLAGS} -O2"
 export KOS_CFLAGS="${KOS_CFLAGS} -fomit-frame-pointer"
 #export KOS_CFLAGS="${KOS_CFLAGS} -fno-omit-frame-pointer -DFRAME_POINTERS"
 
+# Stack Protector
+#
+# Controls whether GCC emits extra code to check for buffer overflows or stack
+# smashing, which can be very useful for debugging. -fstack-protector only
+# covers vulnerable objects, while -fstack-protector-strong provides medium
+# coverage, and -fstack-protector-all provides full coverage. You may also
+# override the default stack excepton handler by providing your own
+# implementation of "void __stack_chk_fail(void)."
+#
+#export KOS_CFLAGS="${KOS_CFLAGS} -fstack-protector-all"
+
 # GCC Builtin Functions
 #
 # Comment out this line to enable GCC to use its own builtin implementations of
diff --git a/examples/dreamcast/basic/stackprotector/stackprotector.c b/examples/dreamcast/basic/stackprotector/stackprotector.c
index 4f8ea139..ca89b594 100644
--- a/examples/dreamcast/basic/stackprotector/stackprotector.c
+++ b/examples/dreamcast/basic/stackprotector/stackprotector.c
@@ -2,6 +2,7 @@
 
    stackprotector.c
    Copyright (C) 2021 Lawrence Sebald
+   Copyright (C) 2024 Falco Girgis
 */
 
 /* This example shows how to make use of GCC's -fstack-protector options to
@@ -26,19 +27,29 @@
 #include <string.h>
 #include <stdio.h>
 #include <arch/arch.h>
+#include <stdlib.h>
 
 /* This function will override the default stack protector handler that is
    defined in Newlib. This is not necessary to enable the stack protector,
    but is nice for being able to draw the error message to the screen or
-   whatnot (not that we do any of that here). */
-void __stack_chk_fail(void) {
+   whatnot (not that we do any of that here).
+
+   NOTE: Typically you would want to call abort() and/or write to stderr
+         rather than stdout, but we exit gracefully in this example due to
+         the fact that we're simply testing the stack checker functionality.
+
+   WARNING: This function must be explicitly marked with the used attribute
+            when compiling with LTO enabled to prevent it from being removed,
+            which means you will be calling into Newlib's default handler.
+*/
+__used void __stack_chk_fail(void) {
     unsigned int pr = (unsigned int)arch_get_ret_addr();
     printf("Stack smashed at PR=0x%08x\n", pr);
-    printf("Aborting program.\n");
-    arch_abort();
+    printf("Successfully detected stack corruption!\n");
+    exit(EXIT_SUCCESS);
 }
 
-__attribute__((noinline)) void badfunc(void) {
+__noinline void badfunc(void) {
     char buffer[8];
     strcpy(buffer, "This string is entirely too long and will overflow.");
 }
@@ -46,10 +57,12 @@ __attribute__((noinline)) void badfunc(void) {
 int main(int argc, char **argv) {
     printf("Stack protector test....\n");
     printf("About to call badfunc()...\n");
+
     badfunc();
-    printf("This shouldn't print out if stack protector is enabled.\n");
 
-    return 0;
+    fprintf(stderr, "This shouldn't print out if stack protector is enabled.\n");
+
+    return EXIT_FAILURE;
 }
 
 
diff --git a/kernel/arch/dreamcast/include/arch/stack.h b/kernel/arch/dreamcast/include/arch/stack.h
index 80cc1f8c..38f1b0be 100644
--- a/kernel/arch/dreamcast/include/arch/stack.h
+++ b/kernel/arch/dreamcast/include/arch/stack.h
@@ -6,7 +6,7 @@
 */
 
 /** \file    arch/stack.h
-    \brief   Stack traces.
+    \brief   Stack tracing.
     \ingroup debugging_stacktrace
 
     The functions in this file deal with doing stack traces. These functions


hooks/post-receive
-- 
A pseudo Operating System for the Dreamcast.


