This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: alloca avoidance patches
On Mon, 19 Jun 2017, Szabolcs Nagy wrote:
> in any case i think it's more productive to
> fix the stack usage bugs, instead of hardening
> for this class of exploitable stack usage bugs,
> even if the guard page catches the issue it
> is an unwanted crash.
Which gets back to wanting to use appropriate warning options, even if
they don't catch all cases - and to needing an ABI-defined size it's safe
to allocate, possibly more than a page if you rely on kernel fixes.
(I expect strtold has one of the larger static stack allocations in glibc.
I can see such amounts, possibly more, being needed for fixing cpow{,f,l}
inaccuracy as well, on the assumption we should avoid libm functions
calling malloc.)
--
Joseph S. Myers
joseph@codesourcery.com