[PATCH] Protection against stack-based memory corruption errors using SafeStack: Clang command line option and function attribute

David Chisnall csdavec at swan.ac.uk
Mon Nov 3 10:44:37 PST 2014

Comment at: include/clang/Basic/AttrDocs.td:868
@@ +867,3 @@
+specify that the safe stack instrumentation should not be applied to
+that function.
+  }];
It would be nice if this documentation didn't assume that everyone reading it knew what the safe stack instrumentation was.  In particular, it should say what kind of functions might need to use this attribute (ones that do stack introspection?).

Comment at: lib/Driver/Tools.cpp:2189
@@ +2188,3 @@
+  // On gnu platforms, safestack runtime requires dl
+  CmdArgs.push_back("-ldl");
This is Linux specific.  Most other platforms don't need anything explicitly linked to support dl*()

Comment at: lib/Frontend/InitPreprocessor.cpp:830
@@ -829,1 +829,3 @@
+  else if (LangOpts.getStackProtector() == LangOptions::SSPSafeStack)
+    Builder.defineMacro("__SAFESTACK__", "4");
It would be worth surveying a corpus of code and seeing what uses the __SSP defines.  We may find that it's worth defining some of them in SafeStack mode, as it may cause the same kind of breakage.


More information about the cfe-commits mailing list