Commit 4f198289 authored Jul 08, 2013 by Kees Cook Committed by Greg Kroah-Hartman Jul 24, 2013

lkdtm: fix stack protector trigger



The -fstack-protector compiler flag will only build stack protections if
a character array is seen. Additionally, the offset to the saved
instruction pointer changes based on architecture, so stomp much harder
(64 bytes) when corrupting the stack.

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

parent 7b5d4122

drivers/misc/lkdtm.c

+3 −3

Original line number	Diff line number	Diff line
		@@ -295,10 +295,10 @@ static void lkdtm_do_action(enum ctype which)
		(void) recursive_loop(0);
		break;
		case CT_CORRUPT_STACK: {
		volatile u32 data[8];
		volatile u32 *p = data;
		/* Make sure the compiler creates and uses an 8 char array. */
		volatile char data[8];

		p[12] = 0x12345678;
		memset((void *)data, 0, 64);
		break;
		}
		case CT_UNALIGNED_LOAD_STORE_WRITE: {