[PATCH] D123544: [randstruct] Automatically randomize a structure of function pointers
Bill Wendling via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Apr 12 10:54:41 PDT 2022
void added a comment.
In D123544#3445425 <https://reviews.llvm.org/D123544#3445425>, @xbolva00 wrote:
>>> While I agree with the security aspects of this in principle, it is not a conforming behavior in C and it runs significant risk of breaking existing code such that it introduces new security issues.
>
> I agree strongly. This could happily can do more harm than good ("the road to hell is paved with good intentions"). Please leave it opt-in or introduce "modes" for this feature like -frandomize-struct=func-pointers | -frandomize-struct=xxx | -frandomize-struct=all.
[Some context for this patch: the GCC plugin does this already. Our initial implementation of randstruct skipped that part.]
Could you explain a bit more why it's not considered conforming behavior in C? The entire feature is definitely unusual and introduces some caveats (the structure initialization being just one of them).
Here's an article on this feature and why randomizing structs of function pointers is Considered Good(tm): https://lwn.net/Articles/722293/
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D123544/new/
https://reviews.llvm.org/D123544
More information about the cfe-commits
mailing list