[PATCH] Protection against stack-based memory corruption errors using SafeStack: Clang command line option and function attribute
Kostya Serebryany
kcc at google.com
Tue May 5 16:39:48 PDT 2015
more comments
================
Comment at: docs/SafeStack.rst:12
@@ +11,3 @@
+SafeStack is an instrumentation pass that protects programs against attacks
+based on stack-based buffer overflows, without introducing any measurable
+performance overhead. It works by separating the program stack into two
----------------
.. based on stack-based...
I'd remove the second "based"
================
Comment at: docs/SafeStack.rst:44
@@ +43,3 @@
+in when the program is compiled with SafeStack. On some platforms, the runtime
+is integrated directly into libc, which enables certain low-level performance
+optimizations.
----------------
is this true about libc?
================
Comment at: docs/SafeStack.rst:83
@@ +82,3 @@
+In some rare cases one may need to execute different code depending on whether
+SafeStack is enabled. The define ``__SAFESTACK__`` can be used for this
+purpose.
----------------
See my previous comment about macros and ADDRESS_SANITIZER.
You may have to change this to __has_feature(safe_stack)
http://reviews.llvm.org/D6095
EMAIL PREFERENCES
http://reviews.llvm.org/settings/panel/emailpreferences/
More information about the cfe-commits
mailing list