Hi, I've written a small blog post about the stack protector: http://www.productive-cpp.com/hardening-cpp-programs-stack-protector/ While playing around with the features, I noticed that they do not behave exactly as documented: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html "-fstack-protector" Emit extra code to check for buffer overflows, such as stack smashing attacks. This is done by adding a guard variable to functions with vulnerable objects. This includes functions that call alloca, and _functions with buffers larger than 8 bytes_. The guards are initialized when a function is entered and then checked when the function exits. If a guard check fails, an error message is printed and the program exits. "with buffers larger than 8 bytes" - here I found that a buffer of exactly 8 bytes is also instrumented. The documentation only talks about buffers. This might be mistaken for arrays in general. It might be clearer to state that only char arrays are instrumented (and not e.g. wchar!) I can also make the appropriate changes if you can point me to a page describing the process. Thanks and Best regards, Martin -- http://www.productive-cpp.com/
