I’m porting software to Apple’s Clang 7.0, as released in Xcode 7.0. I’m not clear how that version number relates to the Clang 3.x version numbers.
I’m interested in turning on checking for stack buffer overflows. There’s the GCC option -fstack-protector, and then there’s the SafeStack sanitizer, http://clang.llvm.org/docs/SafeStack.html. However, that doesn’t support linking DSOs, and that’s actually vital for my purposes: the product I’m working on is mathematical modelling libraries, delivered as DSOs.
So I think -fstack-protector is what I need to use, but I can’t find any Clang documentation about it. Any suggestions?
I’m porting software to Apple’s Clang 7.0, as released in Xcode 7.0. I’m not clear how that
version number relates to the Clang 3.x version numbers.
clang -v reveals that Apple LLVM 7.0.0 is based on LLVM 3.7.0svn.
So I think -fstack-protector is what I need to use, but I can’t find any Clang documentation about it. Any suggestions?
Experimenting with clang -v and the various -stack-protector options reveals that Clang as far back LLVM3.1 has used -fstack-protector by default, and has -fstack-protector-all. Clang from LLVM 3.7 implements -fstack-protector-strong, which seems like the sensible thing to try as an upgrade from the basic -fstack-protector.