CONFIG_STACK_CANARIES

Compiler stack canaries

Type: bool

Help

This option enables compiler stack canaries.

If stack canaries are supported by the compiler, it will emit extra code that inserts a canary value into the stack frame when a function is entered and validates this value upon exit. Stack corruption (such as that caused by buffer overflow) results in a fatal error condition for the running entity. Enabling this option can result in a significant increase in footprint and an associated decrease in performance.

If stack canaries are not supported by the compiler an error will occur at build time.

Direct dependencies

ENTROPY_GENERATOR || TEST_RANDOM_GENERATOR

(Includes any dependencies from ifs and menus.)

Defaults

No defaults. Implicitly defaults to n.

Kconfig definition

At <Zephyr>/kernel/Kconfig:668

Included via <Zephyr>/Kconfig:8 → <Zephyr>/Kconfig.zephyr:30

Menu path: (Top) → General Kernel Options → Security Options

config STACK_CANARIES
    bool "Compiler stack canaries"
    depends on ENTROPY_GENERATOR || TEST_RANDOM_GENERATOR
    help
      This option enables compiler stack canaries.

      If stack canaries are supported by the compiler, it will emit
      extra code that inserts a canary value into the stack frame when
      a function is entered and validates this value upon exit.
      Stack corruption (such as that caused by buffer overflow) results
      in a fatal error condition for the running entity.
      Enabling this option can result in a significant increase
      in footprint and an associated decrease in performance.

      If stack canaries are not supported by the compiler an error
      will occur at build time.

(The ‘depends on’ condition includes propagated dependencies from ifs and menus.)