From 9fb58ca3604cb1426e94689fab57ab5c127c8c55 Mon Sep 17 00:00:00 2001
From: Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
Date: Sat, 19 Apr 2008 17:56:07 +0200
Subject: [PATCH] Enhanced __stack_chk_fail

* modified __stack_chk_fail() to trigger a segfault by accessing
  address 0x0. Every system with an MMU known by me, segfaults
  by dereferencing a NULL pointer.

* added hack to compile stack_smash_handler2 with
  '--fno-omit-frame-pointer'.
---
 Makefile                   |    3 ++-
 lib/stack_smash_handler2.c |   10 +++++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index adc2779..0cd0105 100644
--- a/Makefile
+++ b/Makefile
@@ -172,9 +172,10 @@ $(OBJDIR)/%.o: %.S $(ARCH)/syscalls.h
 $(OBJDIR)/pthread_%.o: libpthread/pthread_%.c
 	$(CROSS)$(CC) $(INC) $(CFLAGS) -c $< -o $@
 	$(COMMENT) -$(CROSS)strip -x -R .comment -R .note $@
+$(OBJDIR)/stack_smash_handler2.o:	XCFLAGS:=-fno-omit-frame-pointer
 
 $(OBJDIR)/%.o: %.c
-	$(CROSS)$(CC) $(INC) $(CFLAGS) -c $< -o $@ -D__dietlibc__
+	$(CROSS)$(CC) $(INC) $(CFLAGS) $(XCFLAGS) -c $< -o $@ -D__dietlibc__
 	$(COMMENT) -$(CROSS)strip -x -R .comment -R .note $@
 endif
 
diff --git a/lib/stack_smash_handler2.c b/lib/stack_smash_handler2.c
index 9e85099..ecefeb8 100644
--- a/lib/stack_smash_handler2.c
+++ b/lib/stack_smash_handler2.c
@@ -8,5 +8,13 @@ void __stack_chk_fail(void);
  * diagnostics.  No more. :-( */
 void __stack_chk_fail(void) {
   __write2("smashed stack detected, program terminated.\n");
-  _exit(127);
+
+  /* trigger a segfault which can be inspected within a debugger (inclusive
+   * stack-trace). 'abort(3)' at this place would be too heavy weighted.
+   *
+   * TODO: limit this to systems which are known to have an MMU (resp. is
+   * dietlibc with stack-protector used on systems without an MMU?)
+   */
+  while (1)
+	  *(char *)0 = 0;
 }
-- 
1.5.4.5