[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#27429: Stack clash (CVE-2017-1000366 etc); -fstack-check

From: Danny Milosavljevic
Subject: bug#27429: Stack clash (CVE-2017-1000366 etc); -fstack-check
Date: Sun, 25 Jun 2017 11:38:28 +0200


what do you all think of rebuilding the world with "-fstack-check" (either now 
or later on) ?

That would make gcc emit code to always grow the stack in a way that it 
certainly touches each 4 KiB (parametrizable by STACK_CHECK_PROBE_INTERVAL_EXP) 
page on the way.

I think that would be the right and permanent fix - unlike the whack-a-mole 
approach where we patch programs not to do what they are supposed to do, if 
their stack allocation happens to grow.

See also <https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt> and 

Note that the kernel itself has to put argv and envp into the user process' 
stack and this can already make the very first stack allocation that a process 
does in its main() need to grow the stack, and reach across the guard page.  So 
the right fix is to just make the stack allocations never reach across the 
guard page without using it.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]