[PATCH] Protection against stack-based memory corruption errors using SafeStack: Clang command line option and function attribute

Peter Collingbourne peter at pcc.me.uk
Wed May 6 15:45:34 PDT 2015


================
Comment at: docs/SafeStack.rst:12
@@ +11,3 @@
+SafeStack is an instrumentation pass that protects programs against attacks
+based on stack-based buffer overflows, without introducing any measurable
+performance overhead. It works by separating the program stack into two
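Review bot: The claim "without introducing any measurable performance overhead" in the opening sentence is stated as an absolute, and nothing in these lines supports it. Suggest either pointing to the measurements it rests on or softening it to wording the documentation can back up.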
----------------
kcc wrote:
> .. based on stack-based... 
> 
> I'd remove the second "based"
Done

================
Comment at: docs/SafeStack.rst:44
@@ +43,3 @@
+in when the program is compiled with SafeStack. On some platforms, the runtime
+is integrated directly into libc, which enables certain low-level performance
+optimizations.
----------------
kcc wrote:
> is this true about libc? 
Not currently. Removed.

================
Comment at: docs/SafeStack.rst:83
@@ +82,3 @@
+In some rare cases one may need to execute different code depending on whether
+SafeStack is enabled. The define ``__SAFESTACK__`` can be used for this
+purpose.
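Review bot: The paragraph names ``__SAFESTACK__`` but neither shows how the check is meant to be written nor gives one of the "rare cases" it refers to. Suggest adding a short guarded snippet and one concrete case, and keeping both in step with the final spelling of the check if it moves to `__has_feature(safe_stack)` as raised in this review.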
----------------
kcc wrote:
> See my previous comment about macros and ADDRESS_SANITIZER.
> You may have to change this to __has_feature(safe_stack)
Done

================
Comment at: test/SemaCXX/attr-no-safestack.cpp:12
@@ +11,3 @@
+void nosp_fun_args() __attribute__((no_safe_stack(1))); // \
+  // expected-error {{'no_safe_stack' attribute takes no arguments}}
+
----------------
gribozavr wrote:
> Rather than relying on line continuations, you could use expected-error at -1.
Done

http://reviews.llvm.org/D6095
