A GCC -fstack-protector vulnerability on arm64
Tuesday September 12, 2023, 11:18 PM, from LWN.net
The GCC stack-protector feature detects stack-based buffer overruns by putting a canary value on the stack and noticing if that value is changed. It turns out, though, that dynamically allocated local variables (such as variable-length arrays and space obtained with alloca()) are placed beyond the canary, so overflows of those variables will not be detected. As a result, arm64 binaries built with vulnerable versions of GCC are not as protected as they should be and need to be rebuilt. Dynamic allocations are just as susceptible to overflows as other locals. In fact, they are arguably more susceptible because they are almost always arrays, whereas fixed locals are often integers, pointers, or other types to which variable-length data is never written. GCC's own heuristics for when to use a stack guard reflect this. Kees Cook, meanwhile, has pointed out that the kernel no longer uses variable-length arrays, so kernel builds should not be affected by this vulnerability.
https://lwn.net/Articles/944307/