[PATCH] D44077: Clear the stack protector after checking it
Evgenii Stepanov via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Oct 14 13:25:31 PDT 2019
eugenis added a comment.
Sorry, but I'm not convinced that the overhead of this change is justified by the security benefit it provides.
I've measured code size overhead (using Chromium on Android as a benchmark) at 0.4%, which is not huge, but still significant.
On the other hand, I'm not at all sure that this would be anything but an inconvenience for an attacker. There are multiple copies of the cookie on the stack anyway (one per every live frame!). Also, taking advantage of the cookies left below SP will become even harder with the new -ftrivial-auto-var-init feature.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D44077/new/
https://reviews.llvm.org/D44077