GNU bug report logs - #27429
Stack clash (CVE-2017-1000366 etc)

Previous Next

Full log

View this message in rfc822 format

From: Leo Famulari <leo <at> famulari.name>
To: 27429 <at> debbugs.gnu.org, mbakke <at> fastmail.com, dannym <at> scratchpost.org
Subject: bug#27429: Stack clash (CVE-2017-1000366 etc); -fstack-check
Date: Sun, 25 Jun 2017 09:19:45 -0400

I agree, let's wait for guidance from the upstream GCC and GLIBC developers.


-------- Original Message --------
From: Marius Bakke <mbakke <at> fastmail.com>
Sent: June 25, 2017 6:41:06 AM EDT
To: Danny Milosavljevic <dannym <at> scratchpost.org>, 27429 <at> debbugs.gnu.org
Subject: bug#27429: Stack clash (CVE-2017-1000366 etc); -fstack-check

Danny Milosavljevic <dannym <at> scratchpost.org> writes:

> Hi,
>
> what do you all think of rebuilding the world with "-fstack-check" (either now or later on) ?
>
> That would make gcc emit code to always grow the stack in a way that it certainly touches each 4 KiB (parametrizable by STACK_CHECK_PROBE_INTERVAL_EXP) page on the way.
>
> I think that would be the right and permanent fix - unlike the whack-a-mole approach where we patch programs not to do what they are supposed to do, if their stack allocation happens to grow.
>
> See also <https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt> and <https://gcc.gnu.org/onlinedocs/gccint/Stack-Checking.html>.

Red Hat investigated this during the embargo[0] and found that the
current implementation in GCC has problems[1]. We should wait until
those issues are resolved first, but sounds good to me.

[0] http://seclists.org/oss-sec/2017/q2/556
[1] http://seclists.org/oss-sec/2017/q2/505

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.