cpp-d1064d

[cross.git] / i686-linux-gnu-4.7 / usr / share / doc / gcc-4.7-base / README.ssp

diff --git a/i686-linux-gnu-4.7/usr/share/doc/gcc-4.7-base/README.ssp b/i686-linux-gnu-4.7/usr/share/doc/gcc-4.7-base/README.ssp
new file mode 100644 (file)
index 0000000..9facca7
--- /dev/null
+++ b/i686-linux-gnu-4.7/usr/share/doc/gcc-4.7-base/README.ssp
@@ -0,0 +1,28 @@
+Stack smashing protection is a feature of GCC that enables a program to
+detect buffer overflows and immediately terminate execution, rather than
+continuing execution with corrupt internal data structures. It uses
+"canaries" and local variable reordering to reduce the likelihood of
+stack corruption through buffer overflows.
+
+Options that affect stack smashing protection:
+
+-fstack-protector
+    Enables protection for functions that are vulnerable to stack
+    smashing, such as those that call alloca() or use pointers.
+
+-fstack-protector-all
+    Enables protection for all functions.
+
+-Wstack-protector
+    Warns about functions that will not be protected. Only active when
+    -fstack-protector has been used.
+
+Applications built with stack smashing protection should link with the
+ssp library by using the option "-lssp" for systems with glibc-2.3.x or
+older; glibc-2.4 and newer versions provide this functionality in libc.
+
+The Debian architectures alpha, hppa, ia64, m68k, mips, mipsel do not
+have support for stack smashing protection.
+
+More documentation can be found at the project's website:
+http://researchweb.watson.ibm.com/trl/projects/security/ssp/