[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug ld/29072] ld silently make the program stack area executable if nes
From: |
nickc at redhat dot com |
Subject: |
[Bug ld/29072] ld silently make the program stack area executable if nested function is used |
Date: |
Tue, 26 Apr 2022 12:11:20 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=29072
Nick Clifton <nickc at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #16 from Nick Clifton <nickc at redhat dot com> ---
(In reply to H.J. Lu from comment #15)
> Is the goal to remove nested functions?
No - the goal is to improve the security of programs by letting their builders
know that they have a vulnerability. They *may* chose to address the
vulnerability by removing nested functions from their code - if that was the
cause - but they may also decide that the vulnerability is acceptable and
instead add --no-warn-execstack to the linker command line. Or just ignore the
warning.
The point of the warning is that it gives program builders a prompt to decide
what is best for them. By informing them of the potential security
vulnerability - something that they may not have realised was happening to
their program - they then have a reason to perform a security review of their
code, and can decide what to do.
As for builders who are unaware of the risks of executable stacks and the
dangers of nested functions - and hence will be confused by this new warning -
I intend to write a blog about the problem and its possible solutions. It is
my hope that a web search will turn up this blog, and so they will be able to
find some advice on what to do.
--
You are receiving this mail because:
You are on the CC list for the bug.
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, (continued)
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, nickc at redhat dot com, 2022/04/20
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, cvs-commit at gcc dot gnu.org, 2022/04/20
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, nickc at redhat dot com, 2022/04/20
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, i at maskray dot me, 2022/04/21
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, nickc at redhat dot com, 2022/04/21
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, cvs-commit at gcc dot gnu.org, 2022/04/25
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, hjl.tools at gmail dot com, 2022/04/25
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, hjl.tools at gmail dot com, 2022/04/25
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, nickc at redhat dot com, 2022/04/25
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, hjl.tools at gmail dot com, 2022/04/25
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used,
nickc at redhat dot com <=
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, hjl.tools at gmail dot com, 2022/04/26
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, nickc at redhat dot com, 2022/04/26
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, cvs-commit at gcc dot gnu.org, 2022/04/26
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, cvs-commit at gcc dot gnu.org, 2022/04/26
- [Bug ld/29072] ld silently make the program stack area executable if nested function is used, hjl.tools at gmail dot com, 2022/04/28