Purpose
Provides protection against malicious
code or programming errors that overwrite or corrupt the stack.
Syntax
.-nostackprotect-.
>>- -q--+-stackprotect---+----=----+-all--------+--------------><
'-size--=--N-'
Parameters
- all
- all protects all procedures whether or not there are vulnerable
objects. This option is not set by default.
- size=N
- size=N protects all procedures containing
automatic objects greater or equal to N bytes in size. The
default size is 8 when -qstackprotect is enabled.
Note: When
both all and size are used, the last option wins.
Usage
-qstackprotect generates extra
code to protect procedures with vulnerable objects against stack corruption.
This option is disabled by default because it can cause performance
degradation. The default option is -qnostackprotect.
To
generate code to protect all procedures with vulnerable objects:
xlc myprogram.c -qstackprotect=all
To
generate code to protect procedures with objects of certain bytes:
xlc myprogram.c -qstackprotect=size=8
Note: - This option cannot be used with #pragma options.
- Because of the dependency on libc.a in AIX®,
this option requires the following AIX levels:
- AIX 5.3/TL11
and up.
- AIX 6.1/TL4
and up.
- If the link step fails with a message that
indicates __ssp_canary_word is undefined, you have probably
used an unsupported level of AIX.