This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Stack protector: leak of guard's address on stack


> On Apr 28, 2018, at 9:22 PM, Florian Weimer <fw@deneb.enyo.de> wrote:
> 
> * Thomas Preudhomme:
> 
>> Yes absolutely, CSE needs to be avoided. I made memory access volatile
>> because the change was easier to do. Also on Arm Thumb-1 computing the
>> guard's address itself takes several loads so had to modify some more
>> patterns. Anyway, regardless of the proper fix, do you have any objection
>> to raising a CVE for that issue?
> 
> Please file a bug in Bugzilla first and use that in the submission to
> MITRE.

Thomas filed https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85434 couple of weeks ago.

--
Maxim Kuvyrkov
www.linaro.org


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]