Is there a way to deactivate Buffer overflow protection on my machine?


GCC

On gcc (man gcc) the checks are enabled by

  -fstack-protector
      Emit extra code to check for buffer overflows, such as stack smashing attacks.  This is done by adding a guard variable to functions with
      vulnerable objects.  This includes functions that call alloca, and functions with buffers larger than 8 bytes.  The guards are initialized when
      a function is entered and then checked when the function exits.  If a guard check fails, an error message is printed and the program exits.

  -fstack-protector-all
      Like -fstack-protector except that all functions are protected.

You can disable both by prepending no- to the option name:

-fno-stack-protector -fno-stack-protector-all

LLVM/Clang

On LLVM/Clang (http://clang.llvm.org/docs/UsersManual.html#commandline) to enable/disable AddressSanitizer:

-f[no-]address-sanitizer: Turn on AddressSanitizer, a memory error detector.

and SAFECode (http://safecode.cs.illinois.edu/docs/UsersGuide.html)

-f[no-]memsafety

Author by

Pallab Gain

I am Fotis Koutoulakis, a Computer Scientist mostly interested in Programming Languages, both theory and implementation. Secondary interests of mine include complexity theory, machine learning and distributed systems.

Updated on September 18, 2022

Comments

  • Pallab Gain
    Pallab Gain over 1 year

    I want to do some experiments with buffer overflows on my various virtual machines, including (but not limited to) Debian 6, Ubuntu 12.04, Fedora 16, but every time I try to execute the buffer overflow exploit I get the following message:

    stack smashing detected (core dumped)
    

    After doing my research I read that it is a feature called buffer overflow protection implemented in the compiler. GCC for instance uses GCC Stack-Smashing Protector (ProPolice), Clang/LLVM uses two buffer overflow detectors, SafeCode and AddressSanitizer.

    My question is: Since I really want to check out buffer overflow attacks on my machines, is there a way (a compiler flag, perhaps? a Linux config file?) to deactivate the buffer overflow protection?

  • Michuelnik
    Michuelnik over 11 years
    Is there a (simple) way to detect, whether a program has been compiled with SSP?
  • Matteo
    Matteo over 11 years
    @Michuelnik you could see if the binary contains any reference to __stack_chk_fail (e.g., strings /bin/mybinary | grep __stack_chk_fail).
  • Marcin Krasowski
    Marcin Krasowski over 10 years
    I just tested it with GCC 4.7 and 4.1: option -fno-stack-protector-all is not recognized (-fstack-protector, -fstack-protector-all and -fno-stack-protector are recognized).
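
The `__stack_chk_fail` check suggested in the comments, extended into a small audit script that reports which files in a directory were built with the stack protector. This is an added example, not part of the original thread; the function names and the sample files (ELF magic plus symbol strings, not real executables) are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify files by whether they reference __stack_chk_fail.

# is_elf FILE: succeed if FILE starts with the 4-byte ELF magic (0x7f 'E' 'L' 'F').
is_elf() {
    [ -f "$1" ] || return 1
    magic=$(head -c 4 "$1" | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "7f454c46" ]
}

# ssp_status FILE: print "ssp", "no-ssp" or "not-elf".
# Non-ELF files are reported separately so a script that merely mentions
# the symbol name is not counted as a protected binary.
ssp_status() {
    if ! is_elf "$1"; then
        echo "not-elf"
    elif LC_ALL=C grep -q -F '__stack_chk_fail' "$1"; then
        echo "ssp"
    else
        echo "no-ssp"
    fi
}

# audit_dir DIR: print one "status<TAB>path" line per regular file in DIR.
audit_dir() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        printf '%s\t%s\n' "$(ssp_status "$f")" "$f"
    done
}

# make_samples DIR: write constructed stand-ins for real binaries.
make_samples() {
    printf '\177ELF\002\001\001\000puts\000__stack_chk_fail\000main\000' > "$1/guarded"
    printf '\177ELF\002\001\001\000puts\000main\000' > "$1/unguarded"
    printf '#!/bin/sh\necho __stack_chk_fail\n' > "$1/script.sh"
}

# Demo on the constructed samples; pass a real directory to audit_dir to use it.
tmp=$(mktemp -d) && make_samples "$tmp" && audit_dir "$tmp"; rm -rf "$tmp"
```

A match only shows that something linked into the file references `__stack_chk_fail`; it does not prove that every function in the binary is guarded.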