This is the mail archive of the mailing list for the glibc project.


Re: alloca avoidance patches

On Mon, 19 Jun 2017, Szabolcs Nagy wrote:

> On 19/06/17 17:47, Joseph Myers wrote:
> > It seems to me that we need a clear definition of what stack frame size 
> > glibc can assume is safe (so that we can aim to eliminate alloca and VLAs 
> > unless the compiler can see they are bounded, and use -Wstack-usage= for 
> > building glibc to make sure no function uses too much stack).
> my experience with musl is that the tricky recursive
> unbounded stack usage cases are not possible to catch

Recursive usage is not the issue here, provided that each such recursive 
function doesn't allocate too much stack itself, and always accesses the 
allocated stack before or as part of calling another function, so ensuring 
it's not possible to jump the guard page (or multiple-page guard region, 
if the platform ABI requires the kernel fixes enlarging the region to 
ensure security).  (Large recursive usage may be a QoI issue or a bug, but 
it's not a security issue.)

Joseph S. Myers
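
The argument in the message above, as an added model (not glibc code and not part of the original message): a call chain reaches the guard region safely only if every frame is no larger than the guard and is accessed before the next call. The sizes, the `walk` function, the chain names and the rule that a touched frame writes its lowest byte are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Model only. Offsets count bytes below the initial stack pointer:
   [0, ROOM) is mapped stack, [ROOM, ROOM + GUARD) is the guard region
   (any access faults), anything deeper is some unrelated mapping. */
#define ROOM  (64 * 1024)   /* constructed value */
#define GUARD 4096          /* constructed value: one 4 KiB guard page */

enum outcome { IN_STACK, GUARD_FAULT, GUARD_JUMPED };

struct frame {
    size_t size;    /* bytes each call moves the stack pointer down */
    size_t calls;   /* consecutive calls that use this frame size */
    int touched;    /* nonzero: lowest byte written before the next call */
};

/* Report where the first access outside the mapped stack lands. */
enum outcome walk(const struct frame *f, size_t n, size_t room, size_t guard)
{
    size_t depth = 0;
    for (size_t i = 0; i < n; i++)
        for (size_t c = 0; c < f[i].calls; c++) {
            depth += f[i].size;
            if (!f[i].touched || depth <= room)
                continue;   /* nothing accessed, or still inside the stack */
            return depth <= room + guard ? GUARD_FAULT : GUARD_JUMPED;
        }
    return IN_STACK;
}

/* Constructed call chains. */
const struct frame shallow[]   = { { 512, 10, 1 } };
const struct frame runaway[]   = { { 512, 100000, 1 } };  /* deep recursion, small touched frames */
const struct frame skipped[]   = { { 512, 100, 1 }, { 32768, 1, 0 }, { 512, 1, 1 } };  /* large untouched frame */
const struct frame oversized[] = { { 512, 100, 1 }, { 32768, 1, 1 } };  /* touched, but larger than the guard */

int main(void)
{
    static const char *name[] = { "in stack", "guard fault", "guard jumped" };
    printf("shallow:   %s\n", name[walk(shallow, 1, ROOM, GUARD)]);
    printf("runaway:   %s\n", name[walk(runaway, 1, ROOM, GUARD)]);
    printf("skipped:   %s\n", name[walk(skipped, 3, ROOM, GUARD)]);
    printf("oversized: %s\n", name[walk(oversized, 2, ROOM, GUARD)]);
    return 0;
}
```

In this model the runaway recursion ends in a guard fault however deep it goes, while a single frame that is larger than the guard, touched or not, lets the next access land past it.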
