Panic on stack protector crash instead of exit (#2955)

Newlib has a stack protector fail handler which write(2)s a message to STDERR which doesn't work here. Override with a call to panic(). Tell GCC to protect all functions for stack protection instead of ones that it heuristically decides need protection. Slower but safer, and only when stack protection is enabled.
2025-05-14 07:38:25 -07:00 · 2025-05-14 07:38:25 -07:00 · d5e844b2bd
commit d5e844b2bd
parent de7f1a7e83
4 changed files with 137 additions and 128 deletions
--- a/boards.txt
+++ b/boards.txt
--- a/cores/rp2040/main.cpp
+++ b/cores/rp2040/main.cpp
@ -244,3 +244,10 @@ void hexdump(const void* mem, uint32_t len, uint8_t cols) {
 }
 const String emptyString = "";
 extern "C" void __attribute__((__noreturn__)) __wrap___stack_chk_fail() {
    while (true) {
        panic("*** stack smashing detected ***: terminated\n");
    }
 }
--- a/lib/core_wrap.txt
+++ b/lib/core_wrap.txt
@ -67,3 +67,5 @@
 -Wl,--wrap=cyw43_tcpip_link_status
 -Wl,--wrap=cyw43_cb_tcpip_init
 -Wl,--wrap=cyw43_cb_tcpip_deinit
 -Wl,--wrap=__stack_chk_fail
--- a/tools/makeboards.py
+++ b/tools/makeboards.py
@ -112,7 +112,7 @@ def BuildStackProtect(name):
    print("%s.menu.stackprotect.Disabled=Disabled" % (name))
    print("%s.menu.stackprotect.Disabled.build.flags.stackprotect=" % (name))
    print("%s.menu.stackprotect.Enabled=Enabled" % (name))
-    print("%s.menu.stackprotect.Enabled.build.flags.stackprotect=-fstack-protector" % (name))
+    print("%s.menu.stackprotect.Enabled.build.flags.stackprotect=-fstack-protector-all" % (name))
 def BuildExceptions(name):
    print("%s.menu.exceptions.Disabled=Disabled" % (name))