bug#27429: Stack clash (CVE-2017-1000366 etc); -fstack-check
From: Danny Milosavljevic
Subject: bug#27429: Stack clash (CVE-2017-1000366 etc); -fstack-check
Date: Sun, 25 Jun 2017 11:38:28 +0200
Hi,
what do you all think of rebuilding the world with "-fstack-check" (either now
or later on)?
That would make gcc emit code to always grow the stack in a way that it
certainly touches each 4 KiB (parametrizable by STACK_CHECK_PROBE_INTERVAL_EXP)
page on the way.
I think that would be the right and permanent fix - unlike the whack-a-mole
approach where we patch programs not to do what they are supposed to do, if
their stack allocation happens to grow.
See also <https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt> and
<https://gcc.gnu.org/onlinedocs/gccint/Stack-Checking.html>.
Note that the kernel itself has to put argv and envp into the user process'
stack and this can already make the very first stack allocation that a process
does in its main() need to grow the stack, and reach across the guard page. So
the right fix is to just make the stack allocations never reach across the
guard page without using it.
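The probing behaviour described in the message above, modelled as an added example that is not code from the thread or from gcc: a constructed model of a downward-growing stack in C compares a plain frame allocation, which touches only the variable the function actually uses, against a -fstack-check style prologue that touches one word every 4 KiB on the way down. The guard page address 0x10000, the starting sp 0x18000, the struct and the function names are all assumptions of this model.

```c
#include <stddef.h>
#include <stdint.h>

/* gcc's default probe interval: one probe every 2^12 = 4 KiB (STACK_CHECK_PROBE_INTERVAL_EXP). */
#define STACK_CHECK_PROBE_INTERVAL_EXP 12
#define PROBE_INTERVAL ((uintptr_t)1 << STACK_CHECK_PROBE_INTERVAL_EXP)

enum outcome { ACCESS_OK = 0, GUARD_FAULT = 1, GUARD_SKIPPED = 2 };

/* Constructed model of a downward-growing stack; the guard page is [guard_lo, guard_lo + PROBE_INTERVAL). */
struct stack_model { uintptr_t guard_lo; uintptr_t sp; };

/* Classify one memory access at address a. */
static enum outcome access_at(const struct stack_model *s, uintptr_t a)
{
    if (a < s->guard_lo)                  return GUARD_SKIPPED; /* below the guard: silent corruption */
    if (a < s->guard_lo + PROBE_INTERVAL) return GUARD_FAULT;   /* in the guard: SIGSEGV, detected */
    return ACCESS_OK;
}

/* Plain prologue: sp -= frame, then the function touches only the variable it
 * actually uses, first_touch bytes above the new sp. Nothing in between is read. */
enum outcome alloc_unprobed(struct stack_model *s, size_t frame, size_t first_touch)
{
    s->sp -= frame;
    return access_at(s, s->sp + first_touch);
}

/* -fstack-check prologue: before the frame is used, touch one word every
 * PROBE_INTERVAL bytes from the old sp down to the new sp. Probes are spaced
 * exactly one guard page apart, so the guard cannot be stepped over. */
enum outcome alloc_probed(struct stack_model *s, size_t frame)
{
    uintptr_t old_sp = s->sp, new_sp = old_sp - frame;
    for (uintptr_t p = old_sp - PROBE_INTERVAL; p >= new_sp; p -= PROBE_INTERVAL) {
        enum outcome r = access_at(s, p);
        if (r != ACCESS_OK) return r;      /* the first probe into the guard faults */
        if (p < PROBE_INTERVAL) break;     /* model only: avoid unsigned wrap-around */
    }
    s->sp = new_sp;
    return access_at(s, new_sp);           /* final probe at the new sp itself */
}

/* Constructed scenario: guard page at 0x10000, sp 32 KiB above it at 0x18000. */
enum outcome run_scenario(int probed, size_t frame, size_t first_touch)
{
    struct stack_model s = { 0x10000, 0x18000 };
    return probed ? alloc_probed(&s, frame) : alloc_unprobed(&s, frame, first_touch);
}
```

A 64 KiB frame without probing lands 32 KiB below the guard and is never noticed, while the probed prologue faults on the guard page at the eighth probe; the same holds for any frame larger than the guard.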