How to use otool to check for whether Stack Smashing is enabled or not?

Question

I see many answers, like this, and this on the internet says to use otool command to check for stack_chk_guard and stack_chk_fail on the project.

The problem is, I don't know to which file the otool must be applied. On a source, they say this otool is to be applied on a file with extension .a, which is a library. But I don't know how that can be applied to my situation where I want to check the whole project, not just a library. And I tried to find any file within my project with .a extension, and I found none. I've tried to run otool against .app, .framework, .xcarchive, and .ipa, all failed.

Can somebody help? Please be elaborate if necessary, because I never use otool before, and documentations on the internet doesn't help at all when it comes to describe what files can be checked by otool.

Chen Li Yong · Accepted Answer · 2018-09-12T10:05:08.183

After a hairpulling search session, I found out that the file you're supposedly supply to otool is inside the .app directory. Yes, the .app is a directory, not a file.

So this is how to do it:

build your project first, which will create a .app file.
in the Xcode project navigator (left panel side), filter for .app name on bottom.
right click on the .app file, select "show in finder".
open a terminal window.
type cd and then drag the .app directory to the terminal. It will populate the path.
type otool -Iv Your_App_Binary_Name | grep stack

This Your_App_Binary_Name bits can make you confused, but don't be. Just note what is the name of your .app directory. For example, if the directory is MyApp.app, then your binary should be MyApp without extension, inside the MyApp.app directory. If you see the file using finder (right click on the .app and select "show package contents"), you'll see the type of the binary file is UNIX executable.

(Don't forget, if your app name contains spaces, you need to use backslash to escape the space. For example, if your app name is "My Holy App", then the directory is My\ Holy\ App.app and the app binary is My\ Holy\ App)

So your terminal will look like this for target named "My App":

$ cd ......./Build/Products/Debug-iphoneos/MyApp.app
$ otool -Iv MyApp | grep stack
0x00000001000c17bc 19966 ___stack_chk_fail
0x00000001000d8268 19967 ___stack_chk_guard
0x00000001000d8d18 19966 ___stack_chk_fail

or in case your target has spaces like "My Holy App":

$ cd ......./Build/Products/Debug-iphoneos/My\ Holy\ App.app
$ otool -Iv My\ Holy\ App | grep stack
0x00000001000c17bc 19966 ___stack_chk_fail
0x00000001000d8268 19967 ___stack_chk_guard
0x00000001000d8d18 19966 ___stack_chk_fail

EDIT: user mnemonic23 stated that if you compile the IPA with rebuild from bitcode, the result of otool won't show the result above. You have to compile the IPA without rebuild from bitcode.

This works exactly as described. Thank you for putting this together. — Tofu Warrior, Aug 15 '18 at 14:07
i've found out that it only works to adhoc deployment, not appstore/release mode. am I right? — axunic, Sep 10 '18 at 14:05
i exported adhoc ipa, the result showed. but not for ipa exported for appstore. is it normal? — axunic, Sep 10 '18 at 14:06
@mnemonic23 in my case, I exported for enterprise distribution too, and it shows the result for me. I still haven't tried for appstore case. — Chen Li Yong, Sep 12 '18 at 03:14
i have confirmed that bitcode causing the result not showing too. So i uncheck "include bitcode" when exporting and it worked. — axunic, Sep 12 '18 at 07:31
@mnemonic23 oh I see! I never include bitcode when compiling IPA, so that was never the problem for me. Thanks for clarifying! — Chen Li Yong, Sep 12 '18 at 10:03
after enable -fstack-protector-all got the same result in order as above, is that mean stack canary enabled? — iosDev, Dec 03 '21 at 19:17

How to use otool to check for whether Stack Smashing is enabled or not?

1 Answers1