Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

split-stack feature on GCC and clang compiler #340

Open
Flo4152 opened this issue Dec 9, 2023 · 2 comments
Open

split-stack feature on GCC and clang compiler #340

Flo4152 opened this issue Dec 9, 2023 · 2 comments
Labels
Product: Compiler Hardening Guide

Comments

@Flo4152
Copy link

Flo4152 commented Dec 9, 2023
edited

GCC and clang compiler offer feature to allocate discontinuous stack when running out of stack memory. The -fsplit-stack option activates this behavior on GCC (https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#index-fsplit-stack / https://gcc.gnu.org/wiki/SplitStacks) and clang (https://llvm.org/docs/SegmentedStacks.html).

This option can mitigate some stack exhaustion issues.

Do you think this option may have its place on "Compiler Hardening Guide"?

Regards,
@Flo4152
Copy link
Author

Flo4152 commented Dec 11, 2023

Information about security benefits of split-stack option can be found on a article from Red-Hat website : https://developers.redhat.com/articles/2022/06/02/use-compiler-flags-stack-protection-gcc-and-clang#

We have the chance to have one of the two authors, @siddhesh, already contributing to the guide. Maybe this option was already discussed.

Regards,

@SecurityCRob
Copy link
Contributor

Has this been addressed by the C/C++ Compiler Hardening options guide? @gkunz @thomasnyman @david-a-wheeler

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Product: Compiler Hardening Guide
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@SecurityCRob @Flo4152