Date: Mon, 19 Jun 2017 14:52:03 -0400 From: Daniel Micay <danielmicay@...il.com> To: oss-security@...ts.openwall.com Subject: Re: Re: Qualys Security Advisor -- The Stack Clash On Mon, 2017-06-19 at 11:26 -0600, Jeff Law wrote: > I would consider those two GCC BZs (68065, 66479) a separate an > distinct > issue. > > It is far more important to address design issues around the existing > -fstack-check first. I think we've got a pretty good handle on how to > address those problems and discussions with the upstream GCC community > have already started. > > In an ideal world we'll get to a place where the new -fstack-check > does > not change program semantics, never misses probes and is efficient > enough to just turn on and forget everywhere. The existing > -fstack-check fails all three of those criteria. > > Jeff AFAIK, the main efficiency issue (reserving a register) was fixed for GCC 6. I might be missing something but it seems very cheap now, at least for x86_64. It definitely doesn't really work though. Is there an example of it changing program semantics? I haven't seen anything since the generic arch stuff was fixed.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.