more -fstack-protector!

Andrew Bartlett abartlet at samba.org
Thu Mar 7 05:19:37 MST 2013


On Thu, 2013-03-07 at 13:07 +0100, Andreas Schneider wrote:

> So they are really low ...

Thank you so very much for the detailed analysis.  On that basis I'm
inclined not to add any additional options, and to always use this.

If we actually find a fast-path function that this really hurts us on,
we can revisit why we have stack arrays there in any case.  Changing to
a dynamic buffer will probably both resolve the security concern, and be
more correct (if a little slower). 

Andrew Bartlett
-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org




More information about the samba-technical mailing list