
"Strong" stack protection for GCC

Posted Feb 13, 2014 19:37 UTC (Thu) by Pc5Y9sbv (guest, #41328)
In reply to: "Strong" stack protection for GCC by jtc
Parent article: "Strong" stack protection for GCC

The underlying problem is an unchecked array bounds violation, where the array was allocated on the stack rather than the heap. There is no reason to assume stack-smashing is only on char buffers using bytewise traversal.

These canaries can be untouched by buggy code that happens to stride over the canary when writing, whether due to a per-iteration stride or due to some other constant or computed offset introduced by the buggy, unchecked access logic.

Even much more expensive per-access checks, like Purify, cannot catch 100% of array errors in a language like C using typical ABIs. It is not enough to just test whether an accessed address is a valid structure/variable, but you must reconstitute a triplet of info for the check: base address of pointer, offset from base, and size of object at base address; an access is wrong if the offset takes it beyond the object's size, regardless of whether this takes it to another valid object. But this triplet of information is not readily available in a program when general pointer arithmetic is allowed, and everything is reduced to machine addresses in the ABI.
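The base/offset/size triplet described above, worked through as an added example (not the commenter's code, and not GCC's): a hypothetical `checked_ptr` carries the triplet, `checked_in_bounds` rejects any access that leaves the originating object even when it lands in another valid object, and two pure-arithmetic models compare that check against a canary placed right after the object for a strided write pattern. `CANARY_LEN` and the `0x1000` base address are constructed sample values.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical checked pointer: the base/offset/size triplet the comment
 * says a real bounds check needs. The C ABI reduces this to one address. */
typedef struct {
    uintptr_t base;   /* address of the object the pointer was derived from */
    size_t offset;    /* current displacement from base, in bytes */
    size_t size;      /* size of that object, in bytes */
} checked_ptr;

/* 1 if an access of 'len' bytes at the current offset stays inside the
 * originating object, else 0. Landing inside a neighbouring variable, or
 * past a canary, is still rejected: only this object's extent counts. */
int checked_in_bounds(const checked_ptr *p, size_t len)
{
    if (p->offset > p->size)
        return 0;                       /* already beyond the object */
    return len <= p->size - p->offset;  /* subtraction cannot wrap here */
}

/* Index of the first write the triplet check rejects when n writes of 'len'
 * bytes are made 'stride' bytes apart into an object of 'size' bytes, or n
 * if every write is in bounds. Pure address arithmetic; nothing is written. */
size_t first_rejected_write(size_t size, size_t stride, size_t len, size_t n)
{
    checked_ptr p = { 0x1000, 0, size };  /* constructed sample base address */
    for (size_t i = 0; i < n; i++) {
        if (!checked_in_bounds(&p, len))
            return i;
        p.offset += stride;
    }
    return n;
}

/* Model of a stack canary occupying the CANARY_LEN bytes right after the
 * object. Returns 1 if the same strided write pattern leaves every canary
 * byte untouched, 0 if some write overlaps it. */
#define CANARY_LEN 8
int canary_survives(size_t size, size_t stride, size_t len, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        size_t offset = i * stride;
        if (offset < size + CANARY_LEN && offset + len > size)
            return 0;
    }
    return 1;
}
```

For a 16-byte object written in 4-byte elements 12 bytes apart, the third write passes over the canary untouched yet is rejected by the triplet check; a 4-byte stride overwrites the canary instead.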



Copyright © 2025, Eklektix, Inc.