This is the mail archive of the gcc-patches@gcc.gnu.org mailing list for the GCC project.
Re: RFC: stack/heap collision vulnerability and mitigation with GCC
On 06/20/2017 12:05 AM, Jeff Law wrote:
> On 06/19/2017 03:56 PM, Joseph Myers wrote:
>> On Mon, 19 Jun 2017, Florian Weimer wrote:
>>
>>> I think architectures such as aarch64 without implied stack probing as
>>> part of the function call sequence would benefit most from an ABI
>>> agreement (splitting the probing responsibility in some way between
>>> caller and callee). For architectures with some form of implied
>>
>> I'd expect that, regardless of architecture, if calls don't write to the
>> stack, the caller has to save its own return address somewhere before
>> making a call, which means writing the saved link register.
> True, but the callee doesn't know the offset where the caller saved the
> return address. In fact, different callers could have stored it at
> different offsets. AFAICT for these targets we just have to make a
> worst case assumption about the caller.
There are also some weird corner cases like this one:
H. Baker, “CONS Should Not CONS Its Arguments, Part II: Cheney on the
M.T.A.” <http://home.pipeline.com/~hbaker1/CheneyMTA.html>.
So I think some sort of convention is needed here.
Thanks,
Florian