[PATCH] D147975: [StackProtector] don't check stack protector before calling nounwind functions
Phoebe Wang via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Wed Apr 12 02:30:04 PDT 2023
pengfei added a comment.
In D147975#4260540 <https://reviews.llvm.org/D147975#4260540>, @xiangzhangllvm wrote:
> In D147975#4260253 <https://reviews.llvm.org/D147975#4260253>, @LuoYuanke wrote:
>
>>> We could consider trying to encode more information into the IR, I guess. In a lot of cases, we know a "noreturn nounwind" function is abort()-like, and not longjmp()-like; we just don't bother recording it anywhere because nothing cared before this.
>>
>> In IR, if a function call is within a try{} block, the front-end should generate an invoke instruction, so we may just check if the callsite is an invoke instruction.
>
> But the C code does not have a try{} block.
> And I rechecked longjmp(ptr env, int val): if the attacker rewrites the parameter env and prepares the “meticulously prepared” reg data in the flaky env, it is possible to attack.
I think the point is `noreturn`. If using longjmp in a `noreturn` function is a rare case, I think it's fine not to do much for it.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D147975/new/
https://reviews.llvm.org/D147975