| commit | 74a28a8af21977ebbc2945beb879f1b9b6ff13ba | |
| author | jvoisin <julien.voisin@dustri.org> | |
| Mon, 13 Dec 2021 20:05:19 +0000 (13 21:05 +0100) | ||
| committer | Rich Felker <dalias@aerifal.cx> | |
| Tue, 8 Mar 2022 21:52:25 +0000 (8 16:52 -0500) | ||
| tree | bdd571f09e938573bae3a579dc2f0e817b0c805a | treesnapshot (tar.gz zip) |
| parent | 7c0c7a75ec8ecf3eedefc40bb4dae5aaa76d7108 | commitdiff |
protect stack canary from leak via read-as-string by zeroing second byte
This reduces entropy of the canary from 64-bit to 56-bit in exchange
for mitigating non-terminated C string overflows by setting the second
byte of the canary to nul, so that off-by-one write overflow with a
nul byte can still be detected.
Idea from GrapheneOS bionic commit 7024d880b51f03a796ff8832f1298f2f1531fd7b
This reduces entropy of the canary from 64-bit to 56-bit in exchange
for mitigating non-terminated C string overflows by setting the second
byte of the canary to nul, so that off-by-one write overflow with a
nul byte can still be detected.
Idea from GrapheneOS bionic commit 7024d880b51f03a796ff8832f1298f2f1531fd7b
| src/env/__stack_chk_fail.c | diffblobblamehistory |