Stack clash mitigation in GCC, Part 3

By Jeff Law May 22, 2020May 19, 2020

In previous posts, Stack Clash Mitigation in GCC — Background and Stack Clash mitigation in GCC: Why -fstack-check is not the answer, I hopefully showed the basics of how stack clash attacks are structured and why GCC’s existing -fstack-check mechanism is insufficient for protection.

So, what should we do? Clearly we want something similar to -fstack-check, but without the fundamental problems. Enter a new option: -fstack-clash-protection.

The key principles for code generation to prevent a stack clash attack are:

Continue reading “Stack clash mitigation in GCC, Part 3”

Stack Clash mitigation in GCC: Why -fstack-check is not the answer

By Jeff Law April 30, 2019April 26, 2019

In our previous article about Stack Clash, we covered the basics of the Stack Clash vulnerability. To summarize, an attacker first uses various means to bring the heap and stack close together. A large stack allocation is then used to “jump the stack guard.” Subsequent stores into the stack may modify objects in the heap or vice versa. This, in turn, can be used by attackers to gain control over applications.

GCC has a capability (-fstack-check), which looked promising for mitigating Stack Clash attacks. This article will cover how -fstack-check works and why it is insufficient for mitigating Stack Clash attacks.

Continue reading “Stack Clash mitigation in GCC: Why -fstack-check is not the answer”

Stack Clash Mitigation in GCC — Background

By Jeff Law September 25, 2017September 22, 2017

It has long been recognized that unconstrained growth of memory usage constitutes a potential denial of service vulnerability. Qualys has shown that such unconstrained growth can be combined with other vulnerabilities and exploited in ways that are more serious.

Continue reading “Stack Clash Mitigation in GCC — Background”

Upcoming features in GCC 6

By Jeff Law February 23, 2016

The GCC project has traditionally made major releases yearly in the March/April timeframe. March is rapidly approaching and the GCC project’s engineers are busy polishing things up for the GCC 6 release. I’m going to take a short break from my own release efforts to briefly talk about some of the new features.

Warnings GCC strives to implement warnings which help developers catch errors at compile time rather than allow potentially dangerous code to be silently accepted and ultimately deployed. For GCC 6, the major warning additions are:

Misleading indentation: The goal of the misleading indentation warning is to detect code where the block structure likely does not match how a human would read the code. The most obvious example is the the “Apple SSL bug” from 2014 where mis-indented code made it look like a GOTO was guarded by a prior IF conditional, when in fact it was not guarded at all. This will be covered in more detail in a blog post from David Malcolm.

Tautological comparisons: Code which compares an object to itself and which always evaluates to the same result often represents a typo/bug in the source code. GCC 6 will now warn for such comparisons.

Continue reading “Upcoming features in GCC 6”

GCC 5 in Fedora

By Jeff Law and Jonathan Wakely and Matt Newsome and Jakub Jelínek and Jason Merrill February 10, 2015June 11, 2017

Fedora 22 will ship with GCC 5, which brings a whole host of enhancements, among which is a new default C++ ABI. In this article, we’ll cover how that ABI transition will work in Fedora.

Background – what’s an ABI, why is it changing, and what does this mean for developers?

Put simply, binary compatibility means applications that are compiled on a combination of an operating system and a particular hardware architecture will load and run similarly across different instances of the operating environment. Application binaries consist of executable files and Dynamic Shared Objects (DSOs – the formal name for shared libraries), and the level of compatibility is defined by a specific application binary interface (ABI).

Continue reading “GCC 5 in Fedora”

Red Hat Enterprise Linux 7 GCC Optimizations – partial inlining indepth

By Jeff Law and ktietz2014 October 29, 2014April 5, 2018

In this prior post we mentioned several new optimization improvements in GCC for Red Hat Enterprise Linux 7. It’s time to dig a little deeper. In this post we will focus on partial inlining/function outlining which are part of the Inter-Procedural Analysis (IPA) framework.

Function inlining is a well known technique to improve application performance by expanding the body of a called function into one or more of its call site(s). Function inlining decreases function call overhead, may improve icache behaviour, expose previously hidden redundancies, etc. However, the increase in total code size may be detrimental and, as a result, heuristics which drive inlining are very sensitive to code growth. Function outlining/partial inlining are variants of function inlining to allow for inlining with less code growth.

Continue reading “Red Hat Enterprise Linux 7 GCC Optimizations – partial inlining indepth”

Improvements in memstomp

By Jeff Law October 7, 2014April 5, 2018

memstomp is an interposition library to detect cases where applications may exhibit undefined behaviour when calling routines within the C library (glibc).

The first version of memstomp was focused on detecting cases where source and destination memory regions passed to C library routines such as memcpy overlapped in ways not allowed by the ISO C standard. Matt Newsome’s blog post shows how to utilize memstomp to find that class of bugs.

Continue reading “Improvements in memstomp”

What’s new in GCC for Red Hat Enterprise Linux 7

By Jeff Law August 11, 2014

With the recent release of Red Hat Enterprise Linux 7, we have some great new features to pass along. In this post we walk through GCC 4.8 and see what is new for developers.

Continue reading “What’s new in GCC for Red Hat Enterprise Linux 7”

Blog Articles

Jeff Law

Recent Posts