[PATCH] D20346: [stack-protection] Add support for MSVC buffer security check

Etienne Bergeron via llvm-commits llvm-commits at lists.llvm.org
Wed Jun 1 08:37:01 PDT 2016


etienneb added a comment.

> > Also, the stack/EH security cookies must be added to the structure when using version 3.
>
> I actually thought all functions using SEH got upgraded to _except_handler4. So, maybe we should change clang to use _except_handler4 when -fstack-protector is on.


For a given compilation unit with stack-protection turned on, it seems to me that functions using SEH are **all** upgraded to version 4.
I tried to produce a counterexample using these MSVC features:

- declspec(safebuffers) <https://msdn.microsoft.com/en-us/library/dd778695.aspx>
- pragma(strict_gs_check) <https://msdn.microsoft.com/en-us/library/bb507721.aspx>

But, I was not able to produce a case with functions on different exception handlers.

By using two separate source files with either /GS or /GS-, I was able to produce an executable with both exception handlers.
Which means both versions must co-exist well.

Functions (same compilation unit) using SEH **and** GS are upgraded to version 4 (containing the cookie slots in EH ScopeTable).
Which makes sense because exception handler version 4 is performing additional checks on the security cookies when an exception occurs.
If /GS is off, it's better to produce smaller structures. So, it's better to produce version 3.

Graphs showing stack layout:

- version3 <http://www.openrce.org/articles/img/igor1_seh3_stack_layout.gif>
- version4 <http://www.openrce.org/articles/img/igor1_seh4_stack_layout.gif>


http://reviews.llvm.org/D20346
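
The cookie check that the message attributes to exception handler version 4, as an added example that is not part of the original message, the patch, or the MSVC runtime: a simplified, portable C model of the cookie slots in the version-4 scope table and their validation. The struct and function names, the frame address, the offsets and the cookie value are constructed for illustration; the field order and the `-2` "no GS cookie" value are assumed from the commonly documented version-4 layout.

```c
#include <stdint.h>
#include <string.h>

#define NO_GS_COOKIE (-2)  /* assumed GSCookieOffset value: frame has no GS cookie */
#define FRAME_BYTES  32    /* modelled bytes below the frame pointer */

/* Header of a version-4 scope table; scope records would follow it.
 * A version-3 table has no such header, so there is nothing to check. */
typedef struct {
    int32_t gs_cookie_offset, gs_cookie_xor_offset;
    int32_t eh_cookie_offset, eh_cookie_xor_offset;
} eh4_scopetable_hdr;

/* Simulated x86 frame: a fake EBP value plus the bytes at EBP-32..EBP-1. */
typedef struct { uint32_t ebp; uint8_t below[FRAME_BYTES]; } sim_frame;

static uint32_t load32(const sim_frame *f, int32_t off) {
    uint32_t v;
    memcpy(&v, f->below + FRAME_BYTES + off, sizeof v);
    return v;
}

static void store32(sim_frame *f, int32_t off, uint32_t v) {
    memcpy(f->below + FRAME_BYTES + off, &v, sizeof v);
}

/* Model of the prologue: each slot holds cookie XOR a frame-relative address. */
void frame_init(sim_frame *f, uint32_t ebp, const eh4_scopetable_hdr *t, uint32_t cookie) {
    f->ebp = ebp;
    memset(f->below, 0, FRAME_BYTES);
    if (t->gs_cookie_offset != NO_GS_COOKIE)
        store32(f, t->gs_cookie_offset, cookie ^ (ebp + (uint32_t)t->gs_cookie_xor_offset));
    store32(f, t->eh_cookie_offset, cookie ^ (ebp + (uint32_t)t->eh_cookie_xor_offset));
}

/* Model of the handler's check before dispatch: 1 if the cookies are intact. */
int eh4_cookies_ok(const sim_frame *f, const eh4_scopetable_hdr *t, uint32_t cookie) {
    if (t->gs_cookie_offset != NO_GS_COOKIE) {
        uint32_t key = f->ebp + (uint32_t)t->gs_cookie_xor_offset;
        if ((load32(f, t->gs_cookie_offset) ^ key) != cookie) return 0;
    }
    uint32_t key = f->ebp + (uint32_t)t->eh_cookie_xor_offset;
    return (load32(f, t->eh_cookie_offset) ^ key) == cookie;
}

/* Constructed corruption: overwrite one 4-byte slot (off in -32..-4). */
void smash(sim_frame *f, int32_t off) {
    memset(f->below + FRAME_BYTES + off, 0x41, 4);
}
```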




