This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: Alternative libio vtable hardening approach
- From: Pedro Alves <palves at redhat dot com>
- To: Florian Weimer <fweimer at redhat dot com>, GNU C Library <libc-alpha at sourceware dot org>, Kees Cook <keescook at chromium dot org>, Yunlian Jiang <yunlian at google dot com>
- Date: Fri, 3 Jun 2016 10:57:41 +0100
- Subject: Re: Alternative libio vtable hardening approach
- Authentication-results: sourceware.org; auth=none
- References: <b34105f2-adcb-9347-73c0-43079729c418 at redhat dot com> <ec8e25c2-d6b4-c372-6b81-5240cb973910 at redhat dot com> <a1a71129-c432-bfb4-8580-dcb79573c92e at redhat dot com>
On 06/03/2016 10:44 AM, Florian Weimer wrote:
> This will need an additional substraction in the validation code because
> there is no relocation to express the different between two pointers,
> even though this value is a link-time constant. The statically sized
> array makes the difference a constant, avoiding this problem.
Is it a problem in practice?
>
> (GCC currently does not perform this optimization for pointer
> differences, but it's easy enough to do it manually.)
I believe it would sort out the "static link now pulls
everything" issue mentioned downthread, though.
Thanks,
Pedro Alves