[llvm] [StackProtector] Clear out stack protector slot (PR #65461)

Reid Kleckner via llvm-commits llvm-commits at lists.llvm.org
Wed Sep 6 09:59:05 PDT 2023


rnk wrote:

As a point of comparison, Microsoft puts the check in `__security_check_cookie`, and they do not zero out the stack slot with the cookie: https://gcc.godbolt.org/z/Po6fs6PnW

If we want to make our stack protection stronger, we should consider the technique of XOR'ing RSP or RBP into the cookie, so we don't directly store the cookie in memory.

If we care about size, we should outline this logic, particularly the conditional check. The simplest way to do that would be to make a `linkonce_odr` helper like `__llvm_stack_protector_check` that does all this.

I think zeroing out the entire frame is usually prohibitively expensive.

https://github.com/llvm/llvm-project/pull/65461
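The XOR-with-frame-address idea mentioned above, sketched as an added C example; this is not code from the PR or from LLVM, and the cookie constant, the `struct frame` layout and the helper names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed global cookie, standing in for __security_cookie / __stack_chk_guard. */
static const uint64_t g_cookie = 0x2b992ddfa23249d6ULL;

/* Prologue: what lands in the stack slot is cookie XOR frame address,
 * so the raw cookie itself is never written to memory. */
static uint64_t make_slot_value(uint64_t cookie, uintptr_t frame_addr) {
    return cookie ^ (uint64_t)frame_addr;
}

/* Epilogue: undo the XOR with the same frame address and compare.
 * Returns 1 if the slot is intact, 0 if it was modified. */
static int slot_is_intact(uint64_t slot_value, uint64_t cookie, uintptr_t frame_addr) {
    return (slot_value ^ (uint64_t)frame_addr) == cookie;
}

/* Constructed stand-in for a frame: a buffer followed by the canary slot. */
struct frame {
    char buf[16];
    uint64_t canary;
};

/* Runs one prologue/epilogue pair. If corrupt != 0 the canary slot is
 * flipped to simulate a write that reached it. Returns the epilogue verdict. */
static int run_frame(int corrupt) {
    struct frame f;
    uintptr_t frame_addr = (uintptr_t)&f;
    f.canary = make_slot_value(g_cookie, frame_addr);
    if (corrupt)
        f.canary ^= 0x41;               /* simulated corruption of the slot */
    int ok = slot_is_intact(f.canary, g_cookie, frame_addr);
    f.canary = 0;                       /* the PR's point: clear the slot after checking */
    return ok;
}

int main(void) {
    /* Same cookie, two constructed frame addresses: different in-memory values. */
    printf("slot@0x7ffe1000 = %#llx\n", (unsigned long long)make_slot_value(g_cookie, 0x7ffe1000));
    printf("slot@0x7ffe2000 = %#llx\n", (unsigned long long)make_slot_value(g_cookie, 0x7ffe2000));
    printf("intact frame ok=%d, corrupted frame ok=%d\n", run_frame(0), run_frame(1));
    return 0;
}
```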