Hi, On Thu, Jul 22, 2021 at 07:53:58AM +0200, Didier Kryn wrote: > There's a choice of options in GCC to deal with stack protection. > Eg: -fstack-check > > Plus a bunch of macros. > > They all deal with allocation of automatic variables. For alloca(), > instead, there's explicitely no check.
I don't find any reference about automatic variables in the docs regarding this topic. Actually, the description of gcc's alloca() builtin states that it behaves similar to automatic variables. However, all these macros will not prevent you from stack overflow but only help you to detect one when it already happened. Also, the way gcc implements the check (probing SP) works for alloca and for automatic variables in the same way. However, once you have detected a stack overflow, your application is in an inconsistent state. Of course you can implement some kind of rescue. (e.g using libsigsev) But you have to do a clean rewind of your app state back to state before the overflow occurred. This can become quite complex and hard to maintain. And then your're back to state before stack overflow, but what is the application supposed to do then? Log and ignore the request? Terminate? Ask the User? The point is, an application should be designed such that a stack overflow just can not occur. And this implies length checking, regardless if using automatic vars or alloca. > In addition, the compiler is not informed of the invocation of > alloca(); therefore the space allocated to non-static automatic > variables may overlap with the space "allocated" by alloca(). No. This is wrong alloca() is implemented as compiler builtin and does exactly the same as GCC does when allocating automatic vars on the stack. Prove: https://godbolt.org/z/abqK4T43c The generated machine code is identical including the stack overflow checking code. cheers, Andreas -- gnuPG keyid: 8C2BAF51 fingerprint: 28EE 8438 E688 D992 3661 C753 90B3 BAAA 8C2B AF51
signature.asc
Description: PGP signature
_______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng