From: Alex Sadovsky <nable.maininbox@googlemail.com>
To: u-boot@lists.denx.de
Subject: [PATCH] Add support for stack-protector
Date: Mon, 11 Jan 2021 01:40:13 +0300 [thread overview]
Message-ID: <49a0fb9e-e2a4-c26f-e192-818e16d60e30@googlemail.com> (raw)
In-Reply-To: <20210110153900.19429-1-joel.peshkin@broadcom.com>
Hi,
> +
> +unsigned long __stack_chk_guard = 0xfeedf00ddeadbeef;
sizeof(unsigned long) isn't always 8, even gcc issues a warning when it's invoked with proper options (e.g. 32-bit build):
> warning: conversion from ?long long unsigned int? to ?long unsigned int? changes value from ?18369602397475290863? to ?3735928559? [-Woverflow]
Maybe there's some better way to initialize this variable. E.g. with #if ? #else ? #endif or using some initialization function that is invoked early.
I should also mention that a fixed canary value doesn't actually bring proper protection against exploits, thus run-time initialization with a random value is usually preferred.
I'm not sure whether it's important at all in bootloader code, I just wanted to be sure that it isn't unnoticed.
Cheers, Alex.
next prev parent reply other threads:[~2021-01-10 22:40 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-10 15:39 [PATCH] Add support for stack-protector Joel Peshkin
2021-01-10 16:18 ` Heinrich Schuchardt
2021-01-10 19:44 ` Joel Peshkin
2021-01-10 22:20 ` Heinrich Schuchardt
2021-01-10 22:40 ` Alex Sadovsky [this message]
2021-01-11 0:23 ` Joel Peshkin
2021-01-11 3:10 ` [PATCH v2] " Joel Peshkin
2021-01-11 9:59 ` Heinrich Schuchardt
2021-01-11 16:20 ` [PATCH v3] " Joel Peshkin
2021-01-11 18:12 ` Heinrich Schuchardt
2021-01-11 22:49 ` [PATCH v4] " Joel Peshkin
2021-01-12 15:48 ` Heinrich Schuchardt
2021-01-11 23:55 ` [PATCH v5] " Joel Peshkin
2021-01-12 16:51 ` [PATCH v6] " Joel Peshkin
2021-01-12 20:01 ` Heinrich Schuchardt
2021-01-14 13:59 ` [PATCH v7] " Joel Peshkin
2021-01-14 14:59 ` Alex Sadovsky
2021-01-14 20:35 ` [PATCH v8] " Joel Peshkin
2021-01-15 18:53 ` Heinrich Schuchardt
2021-01-28 0:57 ` Tom Rini
2021-01-28 8:20 ` Heinrich Schuchardt
2021-01-28 11:00 ` Heinrich Schuchardt
2021-01-28 14:33 ` Heinrich Schuchardt
2021-02-09 3:36 ` [PATCH v9] " Joel Peshkin
[not found] ` <794783f5-da5c-65b4-82a4-0f62d1f6a8b0@gmx.de>
2021-02-09 20:39 ` Heinrich Schuchardt
2021-03-22 17:37 ` Heinrich Schuchardt
2021-04-09 22:27 ` Joel Peshkin
2021-04-10 10:11 ` Heinrich Schuchardt
2021-04-10 11:17 ` Tom Rini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=49a0fb9e-e2a4-c26f-e192-818e16d60e30@googlemail.com \
--to=nable.maininbox@googlemail.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox