This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: About BZ#87210 [RFE] To initialize automatic stack variables
- From: Richard Biener <richard dot guenther at gmail dot com>
- To: P J P <pj dot pandit at yahoo dot co dot in>
- Cc: Gcc Mailing List <gcc at gcc dot gnu dot org>
- Date: Mon, 4 Mar 2019 13:01:54 +0100
- Subject: Re: About BZ#87210 [RFE] To initialize automatic stack variables
- References: <1225413012.1679387.1550571810991.ref@mail.yahoo.com> <1225413012.1679387.1550571810991@mail.yahoo.com> <659339220.8296036.1551696283308@mail.yahoo.com>
On Mon, Mar 4, 2019 at 11:44 AM P J P <pjp@fedoraproject.org> wrote:
>
> On Tuesday, 19 February, 2019, 3:55:35 PM IST, P J P <pjp@fedoraproject.org> wrote:
> >
> >Hello,
> >
> > -> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87210
> >
> >This RFE is about providing gcc option(s) to eliminate information leakage
> >issues from programs. Information leakage via uninitialised memory has been
> >a chronic/recurring issue across all software. They are found quite often
> >and may lead to severe effects if found in system software/kernel, OR an
> >application which handles sensitive information.
> >
> >Various projects/efforts are underway to keep such information exposure
> >from happening
> >
> >* STACKLEAK - http://lkml.iu.edu/hypermail/linux/kernel/1810.3/00522.html
> >* KLEAK - https://netbsd.org/gallery/presentations/maxv/kleak.pdf
> >* https://j00ru.vexillium.org/papers/2018/bochspwn_reloaded.pdf
> >
> >But these are still external corrections to improve specific project and/or
> >software. It does not help to fix/eliminate all information leakage issues.
> >Automatic memory initialisation:
> >
> >* https://lists.llvm.org/pipermail/cfe-dev/2018-November/060172.html
> >* https://reviews.llvm.org/D54604
> >
> >It'd be immensely helpful and welcome if gcc(1) could provide compile/build
> >time options to enable/disable - automatic memory initialisation.
> >
> >Could we please consider it as more viable/useful option?
>
> Ping...!
Patches welcome(?)
Richard.
> ---
> -P J P
> http://feedmug.com