#gcc i386 ROP mitigation https://gcc.gnu.org/ml/gcc-patches/2015-11/msg01773.html …
@solardiz I have concerns about the deg to which is possible, but doesn't just reducing the freq of these bytes reduce chance of exploit?
@RichFelker I think this patch alone doesn't help at all. It might break some pre-existing exploits, but so would many non-security options.
@solardiz @RichFelker I agree. This doesn't seem useful. ROP using only intended instructions works just fine (as does ROP without returns).
@stevecheckoway @solardiz @RichFelker Instead of trying to be a road block why not just let other people get some work done?
@kurtseifried @stevecheckoway @solardiz Adding complexity without benefit is purely harmful to security and comprehensibility.
@RichFelker @solardiz An exploit only needs a few gadgets in the executable or any library. It doesn't matter how many choices there are.
@RichFelker @solardiz Unless the number of choices is truly zero but... that doesn't seem feasible. Breaking existing ROP finders? Sure.
@RichFelker @solardiz But that doesn't mean much. They can become more aggressive and work around limitations of the available gadgets.
@RichFelker For new exploits, there will remain enough gadgets - such as function epilogues, portions of addresses and immediate values