[PATCH] Protection against stack-based memory corruption errors using SafeStack: Clang command line option and function attribute
Alexey Samsonov
vonosmas at gmail.com
Wed May 6 16:15:16 PDT 2015
================
Comment at: docs/AttributeReference.rst:486
@@ -485,1 +485,3 @@
+no_safe_stack
+-------------
----------------
Do you need this attribute right now? If we decide to finally implement universal no_sanitize attribute, this attribute will become deprecated in favor of `__attribute__((no_sanitize("safe-stack")))`.
================
Comment at: lib/CodeGen/CodeGenModule.cpp:747
@@ -746,1 +746,3 @@
B.addAttribute(llvm::Attribute::StackProtectReq);
+ else if (LangOpts.getStackProtector() == LangOptions::SSPSafeStack)
+ if (!D->hasAttr<NoSafeStackAttr>())
----------------
Do you need to respect -fsanitize-blacklist for this?
================
Comment at: lib/Driver/ToolChains.cpp:13
@@ -12,2 +12,3 @@
#include "clang/Basic/Version.h"
+#include "clang/Basic/LangOptions.h"
#include "clang/Config/config.h" // for GCC_INSTALL_PREFIX
----------------
Accidental change?
================
Comment at: lib/Driver/Tools.cpp:2296
@@ +2295,3 @@
+ // Safestack runtime requires dl on Linux
+ if (TC.getTriple().isOSLinux())
+ CmdArgs.push_back("-ldl");
----------------
Note that you're adding -ldl here, but we tend to add dependencies of compiler-rt runtimes later in the linker invocation (see `NeedsSanitizerDeps` vars) - so that they are added after `AddLinkerInputs` is called.
================
Comment at: lib/Driver/Tools.cpp:8392
@@ -8343,1 +8391,3 @@
+ addSafeStackRT(getToolChain(), Args, CmdArgs);
+
----------------
Do we really want to support OS we don't build safestack runtime for? I'd just use Linux/MacOS for a start.
http://reviews.llvm.org/D6095
EMAIL PREFERENCES
http://reviews.llvm.org/settings/panel/emailpreferences/
More information about the cfe-commits
mailing list