Date: Wed, 1 Oct 2014 09:48:17 +0200
From: Szabolcs Nagy <nsz@...t70.net>
To: musl@...ts.openwall.com
Subject: Re: Re: A running list of questions from "porting" Slackware to musl

* Andy Lutomirski <luto@...capital.net> [2014-09-30 16:50:28 -0700]:
> On 09/30/2014 08:50 AM, Rich Felker wrote:
> > When gcc generates the canary-check code, on failure it normally
> > calls/jumps to __stack_chk_fail. But for shared libraries, that call
> > would go to a thunk in the library's PLT, which depends on the GOT
> > register being initialized (actually this varies by arch; x86_64
...
> On x86_64, this would be call *whatever@...off(%rip) instead of call
> whatever@....
>
> (Even better: the loader could patch the PLT with a direct jump. Could
...

hm this seems to be a lot of complication just to crash

if gcc had a -fcrash-on-ssp-chk-fail flag that simply generated a crash
instruction that would be simpler/smaller/more secure

(actually i think that should be the default behaviour)
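The mechanism the thread is arguing about, as an added illustration that is not code from the thread, from gcc, or from musl: a hand-written model of a stack-protector frame whose epilogue compares the canary against the guard and, on mismatch, takes one of the two failure paths discussed, an out-of-line handler (the role `__stack_chk_fail` plays, reached through the PLT in a shared object) or an inline trap instruction (Nagy's suggestion). The guard constant, the `struct frame` layout and the handler names are assumptions made for the example; the only real detail borrowed is that on x86_64 gcc reads the guard from the TLS slot at `%fs:0x28`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Added illustration of the stack-protector mechanism the thread discusses.
 * Not gcc, musl or glibc code: the frame layout, the guard value and the
 * handler names are a hand-written model, chosen so the two failure paths
 * (out-of-line call such as __stack_chk_fail versus inline trap) sit side
 * by side. */

/* Stands in for the per-process guard. A real libc fills it with random
 * bytes at startup (on x86_64 gcc reads it from the TLS slot at %fs:0x28);
 * this constant is a constructed placeholder. */
static const uintptr_t guard = (uintptr_t)0x5a3c9e17d2b8f641ULL;

/* What the epilogue invokes when the canary does not match. */
typedef void (*ssp_fail_fn)(void);

/* Path 1: an out-of-line failure function. In a shared library the
 * compiler-generated call to __stack_chk_fail goes through the PLT, which
 * is the GOT-register dependency Rich Felker describes. Here the handler
 * only records the event so the check can be observed from a test. */
static int recorded_failures;
void record_failure(void) { recorded_failures++; }
int failures_recorded(void) { return recorded_failures; }

/* Path 2: the inline crash instruction Nagy suggests. No PLT, no GOT,
 * no call at all; the process dies on the spot (SIGILL on x86). */
void fail_via_trap(void) { __builtin_trap(); }

/* Model of a protected frame: the canary sits between the local buffer and
 * the saved return address, so a linear overflow must cross it first. */
struct frame {
    char buf[16];
    uintptr_t canary;
    uintptr_t saved_ret;   /* stand-in for the return address */
};

/* Prologue: copy the guard into the frame. */
static void prologue(struct frame *f) {
    f->canary = guard;
    f->saved_ret = (uintptr_t)0xdeadbeef;  /* constructed marker value */
}

/* Epilogue: compare the canary with the guard; on mismatch take the
 * failure path. Returns 1 when the frame is intact, 0 when it is not. */
static int epilogue(struct frame *f, ssp_fail_fn on_fail) {
    if (f->canary != guard) {
        on_fail();
        return 0;
    }
    return 1;
}

/* Copies `len` bytes into the frame's 16-byte buffer without a bounds
 * check, the kind of defect the canary exists to catch, then runs the
 * epilogue. The copy is clamped to the frame itself so the model stays
 * well defined; the canary is reached as soon as len exceeds 16. */
int copy_and_check(const char *input, size_t len, ssp_fail_fn on_fail) {
    struct frame f;
    size_t room = sizeof f - offsetof(struct frame, buf);
    prologue(&f);
    if (len > room)
        len = room;
    memcpy((unsigned char *)&f + offsetof(struct frame, buf), input, len);
    return epilogue(&f, on_fail);
}

int main(void) {
    char over[24];                      /* constructed overrun input */
    memset(over, 'A', sizeof over);
    printf("5-byte input, frame intact: %d\n",
           copy_and_check("hello", 5, record_failure));
    printf("24-byte input, frame intact: %d (failures recorded: %d)\n",
           copy_and_check(over, sizeof over, record_failure),
           failures_recorded());
    return 0;
}
```

Swapping `record_failure` for `fail_via_trap` in the second call turns the recorded mismatch into an immediate crash; that substitution is the whole of what a crash-instruction variant of the check would change, which is why it needs neither a PLT entry nor an initialised GOT register.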