RFC: stack/heap collision vulnerability and mitigation with GCC

Wilco Dijkstra Wilco.Dijkstra@arm.com
Wed Jun 21 09:03:00 GMT 2017


Richard Earnshaw wrote:
> A mere 256 bytes for the caller would permit 32 x 8byte arguments on the
> stack which, with at least 8 parameters passed in registers, would allow
> for calls with 40 parameters.  There can't be many in that space.  Any
> function making calls with more than that might need additional probes,
> but that's going to be exceedingly rare.
> 
> Put the cost on the least common sequences, even if they pay
> disproportionately - it will be a win over all.

Functions with large outgoing arguments are extremely rare indeed; it tails off
really fast after 64 bytes. The only large cases I've seen are from Fortran code,
and those cases seem buggy (40KBytes of outgoing args means 5000 double
args, which is unlikely).

Wilco
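Added example (not from this thread and not GCC's stack-clash implementation): a small C model of the two quantities being argued about above, the size of a caller's outgoing-argument area and why an unprobed frame larger than the guard page is dangerous while a frame probed once per guard-page interval is not. It assumes 8 argument registers and 8-byte stack slots as on AArch64, a 4 KiB guard page, and a probe placed every guard-page interval; the probing policy and all sizes are illustrative assumptions, not GCC's actual choices.

```c
/* Added illustration for the stack-clash probing discussion.
 * Not GCC code. Sizes and the probe policy are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define GUARD_BYTES   4096u   /* assumed guard-page size */
#define ARG_REGS      8u      /* assumed: 8 argument registers (AAPCS64-like) */
#define SLOT_BYTES    8u      /* assumed: one 8-byte stack slot per spilled argument */

/* Bytes of outgoing-argument area the caller must reserve for a call
 * with nargs word-sized arguments: everything beyond the register set. */
size_t outgoing_args_bytes(size_t nargs)
{
    if (nargs <= ARG_REGS)
        return 0;
    return (nargs - ARG_REGS) * SLOT_BYTES;
}

/* Stack model: sp sits dist_to_guard bytes above the guard page, which
 * occupies the next GUARD_BYTES below that. An access `below_sp` bytes
 * under the original sp faults iff it lands inside the guard page. */
static bool touch_faults(size_t dist_to_guard, size_t below_sp)
{
    return below_sp > dist_to_guard && below_sp <= dist_to_guard + GUARD_BYTES;
}

/* Unprobed allocation: sp is moved by alloc bytes and the only access is
 * the first store at the new sp. If alloc exceeds the distance to the far
 * side of the guard page, that store lands beyond it and nothing faults. */
bool unprobed_alloc_is_caught(size_t dist_to_guard, size_t alloc)
{
    return touch_faults(dist_to_guard, alloc);
}

/* Probed allocation: touch the stack every GUARD_BYTES on the way down,
 * then store at the new sp. Because the guard page is GUARD_BYTES wide,
 * at least one of these accesses must land in it whenever alloc is larger
 * than the valid stack remaining. Returns the number of explicit probes
 * issued before the fault (or before the final store if none faulted). */
size_t probed_alloc(size_t dist_to_guard, size_t alloc, bool *caught)
{
    size_t probes = 0;
    *caught = false;
    for (size_t off = GUARD_BYTES; off < alloc; off += GUARD_BYTES) {
        probes++;
        if (touch_faults(dist_to_guard, off)) {
            *caught = true;
            return probes;
        }
    }
    if (touch_faults(dist_to_guard, alloc))
        *caught = true;
    return probes;
}

int main(void)
{
    /* The 40-parameter case from the thread and the 5000-double case. */
    printf("40 args  -> %zu bytes of outgoing args\n", outgoing_args_bytes(40));
    printf("5000 args-> %zu bytes of outgoing args\n", outgoing_args_bytes(5000));

    /* Constructed scenario: 2 KiB of valid stack left, then the guard page. */
    size_t dist = 2048, big = outgoing_args_bytes(5000);
    bool caught;
    size_t n = probed_alloc(dist, big, &caught);
    printf("unprobed %zu-byte frame caught: %s\n", big,
           unprobed_alloc_is_caught(dist, big) ? "yes" : "no");
    printf("probed   %zu-byte frame caught: %s after %zu probe(s)\n", big,
           caught ? "yes" : "no", n);
    return 0;
}
```

The 40-argument call needs exactly 256 bytes of stack arguments under these assumptions, which is the bound Richard mentions; the 5000-double Fortran case needs just under 40 KiB, and in the constructed scenario an unprobed frame of that size jumps clean over the guard page while the probed version faults on its first probe.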
