Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 27 Sep 2016 14:35:33 -0700
From: "LeMay, Michael" <>
To: Rich Felker <>
Cc: "" <>
Subject: Re: [RFC] Support for segmentation-hardened SafeStack

On 9/27/2016 07:43, Rich Felker wrote:
> On Mon, Sep 26, 2016 at 11:05:06PM -0700, LeMay, Michael wrote:
>> Arguments, whether variadic or not, are still passed on the main
>> (safe) stack like usual, and they can be used in-place.
> Here I think we're just differing on what "used in-place" means. For
> me that would include the ability to take their addresses. I assume
> you're just talking about using the values.

I see your point now.  Yes, when SafeStack determines that a local 
variable or argument may be accessed unsafely, it moves or copies 
(respectively) that allocation to the unsafe stack.  Incidentally, I 
thought that just taking the address of a local variable or argument 
(e.g. for pointer comparisons within a single function) would not 
necessarily result in it being moved to the unsafe stack, but re-reading 
the SafeStack pass and running some tests showed me that the pass 
currently does move such allocations to the unsafe stack.

> This is another place where I think we're just using terms
> differently. From my perspective (the formal C language) variadic
> argument handling does not involve taking or dereferencing addresses
> on the stack; those are just va_list/va_arg implementation details. At
> the level of the formal language I think there are no exceptions; in
> all cases where the address on "the stack" leaks outside the scope of
> what the compiler can see/control, "the stack" it's on has to be the
> unsafe stack.

Yes, we're in agreement.  For completeness, I'll note that there are 
other ways for safe stack pointers to leak:


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.