https://sourceware.org/bugzilla/show_bug.cgi?id=29072
Bug ID: 29072
Summary: ld silently makes the program stack area executable if nested function is used
Product: binutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: ld
Assignee: unassigned at sourceware dot org
Reporter: rui314 at gmail dot com
Target Milestone: ---

GCC's nested function (https://gcc.gnu.org/onlinedocs/gcc/Nested-Functions.html) depends on the executable stack, so the feature has a huge implication on a generated program's security. Essentially, using the nested function feature makes the entire program vulnerable to a simple buffer overflow attack.

GNU ld makes the stack area executable if at least one object file contains a `.note.GNU-stack` section with `SHF_EXECINSTR`. GCC emits such a section if the nested function feature is used.

I think this surprises users. If you link against an object file that contains such a note section, the program's entire executable becomes executable without any notice. Frankly, this looks very dangerous to me.

Can we make a change to GNU ld so that it at least prints out a warning message for the executable stack? If a user explicitly requests the executable stack by passing `-z execstack`, then we can mute the warning.
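The check the report asks ld to surface can also be run over object files before linking. The following is an added example, not code from the bug report or from binutils: it assumes ELF64 little-endian objects, the function names are hypothetical, and the two sample objects (`plain.o`, `nested.o`) are constructed in memory.

```python
import struct

SHF_EXECINSTR = 0x4  # ELF section flag: section contains executable instructions

def gnu_stack_flags(elf: bytes):
    """Return sh_flags of .note.GNU-stack in an ELF64 little-endian file, or None if absent."""
    if elf[:4] != b"\x7fELF" or elf[4] != 2 or elf[5] != 1:
        raise ValueError("not an ELF64 little-endian file")
    (e_shoff,) = struct.unpack_from("<Q", elf, 0x28)
    e_shentsize, e_shnum, e_shstrndx = struct.unpack_from("<HHH", elf, 0x3A)

    def shdr(i):  # -> (sh_name, sh_type, sh_flags, sh_addr, sh_offset, sh_size)
        return struct.unpack_from("<IIQQQQ", elf, e_shoff + i * e_shentsize)

    names_off = shdr(e_shstrndx)[4]  # file offset of the section-name string table
    for i in range(e_shnum):
        sh_name, _, sh_flags, _, _, _ = shdr(i)
        start = names_off + sh_name
        if elf[start:elf.index(b"\0", start)] == b".note.GNU-stack":
            return sh_flags
    return None

def exec_stack_requesters(objects: dict):
    """Names of objects whose .note.GNU-stack carries SHF_EXECINSTR (one is enough for ld)."""
    return sorted(name for name, data in objects.items()
                  if (gnu_stack_flags(data) or 0) & SHF_EXECINSTR)

def build_object(stack_flags: int) -> bytes:
    """Constructed sample: minimal ELF64 relocatable with an empty .note.GNU-stack section."""
    names = b"\0.note.GNU-stack\0.shstrtab\0"
    e_ident = b"\x7fELF\x02\x01\x01" + b"\0" * 9
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", e_ident, 1, 62, 1, 0, 0,
                       64 + len(names), 0, 64, 0, 0, 64, 3, 2)

    def sh(name, sh_type, flags, offset, size):
        return struct.pack("<IIQQQQIIQQ", name, sh_type, flags, 0, offset, size, 0, 0, 1, 0)

    return (ehdr + names + sh(0, 0, 0, 0, 0)       # SHT_NULL
            + sh(1, 1, stack_flags, 64, 0)          # .note.GNU-stack, SHT_PROGBITS
            + sh(17, 3, 0, 64, len(names)))         # .shstrtab, SHT_STRTAB

if __name__ == "__main__":
    # Constructed inputs: one object without the flag, one with it.
    objs = {"plain.o": build_object(0), "nested.o": build_object(SHF_EXECINSTR)}
    for name in exec_stack_requesters(objs):
        print(f"warning: {name}: .note.GNU-stack has SHF_EXECINSTR; "
              "linking it makes the stack executable")
```
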