Closed rossburton closed 1 year ago
Currently the configure check only verifies that -fstack-clash-protection is accepted by the linker. It should probably test that it is accepted when compiling a trivial program.
After a bit of fiddling I was able to trigger this on an arm VM. The difficulty is that the gcc front-end may accept -fstack-clash-protection
even when the machine-dependent code does not support it. Using a test program with a large stack allocation causes the compiler to emit the protection code, or fail as in your case.
Can you verify that a checkout that includes 3662175 works for you?
This was fixed in sudo 1.9.12p1.
Sorry for not getting around to testing your fix. It looks right, I'll get back to you shortly if it breaks as the upgrade has been queued.
If I build sudo for armv5 with thumb-1 enabled:
It looks like the configure check for
-fstack-clash-protection
isn't quite being comprehensive enough? Is it passing all of theCFLAGS
that are used in the build?