What do the different stack-protector levels protect in Clang?


I see documentation out there for the levels of stack-protector in GCC: Regular protects functions that have buffers or that use alloca(), all protects all functions, strong protects functions with the conditions listed in para 3 in this doc: https://docs.google.com/document/d/1xXBH6rRZue4f296vGt9YQcuLVQHeE516stHwt8M9xyU/editAlso, in GCC, stack-protector puts variables below buffers on the stack (i.e., higher up the stack).

I’m having trouble finding similar documentation for Clang. (Even if it’s just an official statement that “Clang does the same thing as GCC.”)


Is this https://clang.llvm.org/docs/ClangCommandLineReference.html what you are looking at?
Under the Clang source directory, grep -r "stack-protector" docs/* gives the following result:

docs/ClangCommandLineReference.rst:… option:: -fstack-protector, -fno-stack-protector
docs/ClangCommandLineReference.rst:… option:: -fstack-protector-all
docs/ClangCommandLineReference.rst:… option:: -fstack-protector-strong

​Or you can goole with “stack protector site:http://lists.llvm.org/pipermail/cfe-dev/” to find something
on the cfe-dev mailing list. I think that’s all you can find.


A typo in my OP broke the link to the document on Google Docs. Here is the link:

Here is more specifically what I am looking for:
In GCC, it is published that the stack protector option levels do the following things (this is in the linked document):
-fno-stack-protector: No protection.
-fstack-protector: Protection for functions in which either of the following is true:

  • The function uses alloca
  • There is a char array that is bigger than 8 bytes (actually, bigger than whatever SSP_BUFFER_SIZE is)
    -fstack-protector-all: Protection for all functions - no heuristic.
    -fstack-protector-strong: Protection for functions in which any of the following is true:
  • Any the address of any local variable used in the RHS of an assignment
  • Any local variable is passed by reference to a function
  • There is any array, regardless of array type or length
  • There is a struct/union containing an array
  • There are register local variables

(Also, the stack data is rearranged such that variables are at lower addresses than buffers.)

What about on Clang? What specifically does -fstack-protector protect? What specifically does -fstack-protector-strong protect? Is it exactly the same definition as in GCC?