[PATCH] Add support for stack-protector
Alex Sadovsky
nable.maininbox at googlemail.com
Sun Jan 10 23:40:13 CET 2021
Hi,
> +
> +unsigned long __stack_chk_guard = 0xfeedf00ddeadbeef;
sizeof(unsigned long) isn't always 8, even gcc issues a warning when it's invoked with proper options (e.g. 32-bit build):
> warning: conversion from ‘long long unsigned int’ to ‘long unsigned int’ changes value from ‘18369602397475290863’ to ‘3735928559’ [-Woverflow]
Maybe there's some better way to initialize this variable. E.g. with #if … #else … #endif or using some initialization function that is invoked early.
I should also mention that a fixed canary value doesn't actually bring proper protection against exploits, thus run-time initialization with a random value is usually preferred.
I'm not sure whether it's important at all in bootloader code, I just wanted to be sure that it isn't unnoticed.
Cheers, Alex.
More information about the U-Boot
mailing list