CVE-2016-3922 is an example of a vulnerability where -fstack-check would prevent exploitation. Reported a few of these a while ago. @marver
Replying to @CopperheadOS @marver
GCC makes it hard by documenting that -fstack-check is broken/unsafe-to-use without target backend support.
Because they implemented it wrong rather than as a generic part of stack frame handling. Because GCC.
Replying to @RichFelker @marver
It should be fixed in GCC 6 and perhaps earlier, but it doesn't work with overly large alloca / VLAs.
Replying to @CopperheadOS @marver
They made it target-independent? The risk in enabling it by default is that if it gets used on target w/out support...
...GCC will use the unsafe generic code that injects malloc/free calls for automatic objects, horribly breaking things
See https://gcc.gnu.org/onlinedocs/gccint/Stack-Checking.html … and https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html …