>> But [...] __ssp_overlap succeeded to pinpoint the overlap with the
>> buffer declared as a (fixed size) array but not when it was
>> dynamically allocated.

> Correct, the SSP primitives will only ever work for static buffers.

But they are designed and intended to catch stack-smashing potential, are they not? In that case, this is what I'd expect, because a dynamically allocated buffer is not on the stack and thus inherently has no stack-smashing potential.

Unless "dynamically allocated" here means something like a variable-sized array or alloca(), which isn't what it sounded like.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mo...@rodents-montreal.org
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B