Using stack-protector with CubeIDE

Question

I'm looking for some info about and help with using -fstack-protector and similar compiler options with STM32CubeIde. I've never used these flags before, but enabling them does seem to compile fine. Am I correct in assuming that the GCC supplied with Cube supports this? Where is the implementation of required functions (ie. __stack_chk_guard)? Can I just override these?

Any guidance on how to use these options for STM32?

FBL · Accepted Answer

Hello @DB.7ujak​ Indeed, it is supported.In order to use -fstack-protector in STM32CubeIDE, you can follow these steps:Open your project in CubeIDE, and go to Project > Properties.In the Properties dialog box, navigate to C/C++ Build > Settings.In the Settings page, navigate to Tool Settings > MCU C Compiler > Miscellaneous.In the Miscellaneous page, check the box next to "-fstack-protector" to enable the flag.Once you have enabled -fstack-protector, the required functions, including __stack_chk_guard, will be automatically generated by the compiler. You do not need to override these functions, as they are part of the compiler's implementation. It is a security feature that can prevent buffer overflow.Hope this helps!

DreamOnDirac · Answer

HiAccording to the GCC documentation, stack-usage and stack-protection is not the same thing.https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.htmlstack-usage is indeed useful, but it is not the feature that is requested by the OP.Eric Stryger has made an excellent post about stack-protection here:https://mcuoneclipse.com/2019/09/28/stack-canaries-with-gcc-checking-for-stack-overflow-at-runtime/  I have also made requests on the subject here on this forumhttps://community.st.com/t5/stm32cubeide-mcus/please-change-gcc-stack-canary-to-be-weak/td-p/630140 Best regardsMartin

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded