[PATCH] D43217: [LLD] Implement /guard:[no]longjmp

Reid Kleckner via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Mon Feb 12 17:52:54 PST 2018


rnk created this revision.
rnk added reviewers: ruiu, inglorion, amccarth.

This protects calls to longjmp from transferring control to arbitrary
program points. Instead, longjmp calls are limited to the set of
registered setjmp return addresses.

This also implements /guard:nolongjmp to allow users to link in object
files that call setjmp that weren't compiled with /guard:cf. In this
case, the linker will approximate the set of address-taken functions,
but it will leave longjmp unprotected.

I used the following program to test, compiling it with different -guard
flags:

  $ cl -c t.c -guard:cf
  $ lld-link t.obj -guard:cf

  /* t.c */
  #include <setjmp.h>
  #include <stdio.h>
  jmp_buf buf;
  void g() {
    printf("before longjmp\n");
    fflush(stdout);
    longjmp(buf, 1);  /* transfers control back to the setjmp in f() */
  }
  void f() {
    if (setjmp(buf)) {  /* non-zero only when reached through longjmp */
      printf("setjmp returned non-zero\n");
      return;
    }
    g();
  }
  int main() {
    f();
    printf("hello world\n");
  }

In particular, the program aborts when the code is compiled *without*
-guard:cf and linked with -guard:cf. That indicates that longjmps are
protected.


https://reviews.llvm.org/D43217

Files:
  lld/COFF/Config.h
  lld/COFF/DriverUtils.cpp
  lld/COFF/InputFiles.cpp
  lld/COFF/InputFiles.h
  lld/COFF/Writer.cpp
  lld/test/COFF/gfids-corrupt.s
  lld/test/COFF/gfids-fallback.s
  lld/test/COFF/gfids-gc.s
  lld/test/COFF/gfids-icf.s
  lld/test/COFF/guard-longjmp.s
  llvm/tools/llvm-readobj/COFFDumper.cpp

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D43217.133970.patch
Type: text/x-patch
Size: 13327 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20180213/55c9163a/attachment.bin>
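
Added example, not part of the original message and not LLD or CRT code: a small C model of the check the description implies, covering a registered target, an unregistered target (the abort case reported above), and the unprotected /guard:nolongjmp case. The table layout (sorted RVAs), the single-image scope, every function and type name, and the RVA values are assumptions made for illustration.

```c
/* Conceptual model only; not LLD or CRT code. Names and RVAs are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

typedef enum { LJ_ALLOWED, LJ_REJECTED, LJ_UNPROTECTED } lj_verdict;

/* Registered setjmp return addresses, stored as RVAs (offsets from image base). */
typedef struct {
    const uint32_t *rvas; /* sorted ascending, unique; NULL means no table */
    size_t count;
} longjmp_table;

static int cmp_rva(const void *a, const void *b) {
    uint32_t x = *(const uint32_t *)a, y = *(const uint32_t *)b;
    return (x > y) - (x < y);
}

/* Linker side of the model: sort and de-duplicate in place, return new count. */
size_t build_table(uint32_t *rvas, size_t n) {
    size_t out = 0;
    if (n == 0) return 0;
    qsort(rvas, n, sizeof *rvas, cmp_rva);
    for (size_t i = 0; i < n; i++)
        if (out == 0 || rvas[i] != rvas[out - 1]) rvas[out++] = rvas[i];
    return out;
}

/* Runtime side of the model: decide whether a longjmp target is acceptable. */
lj_verdict check_longjmp(const longjmp_table *t, uint64_t image_base,
                         uint64_t image_size, uint64_t target_va) {
    if (t->rvas == NULL) return LJ_UNPROTECTED; /* /guard:nolongjmp case */
    if (target_va < image_base || target_va - image_base >= image_size)
        return LJ_REJECTED; /* outside the image this table covers */
    uint32_t rva = (uint32_t)(target_va - image_base);
    return bsearch(&rva, t->rvas, t->count, sizeof rva, cmp_rva)
               ? LJ_ALLOWED : LJ_REJECTED;
}

int main(void) {
    uint32_t regs[] = {0x1450, 0x1020, 0x1450}; /* constructed RVAs */
    longjmp_table t = {regs, build_table(regs, 3)};
    uint64_t base = 0x140000000ULL;
    /* exit status 0 when a registered target passes and a nearby one fails */
    return !(check_longjmp(&t, base, 0x10000, base + 0x1020) == LJ_ALLOWED &&
             check_longjmp(&t, base, 0x10000, base + 0x1024) == LJ_REJECTED);
}
```

A table that is present but empty rejects every target, which matches the abort seen when the object is compiled without -guard:cf but linked with -guard:cf.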

