On Tue, Aug 15, 2017 at 05:12:39PM -0700, Ori Bernstein wrote:
> On Sat, 22 Jul 2017 02:25:29 -0400
> Todd Mortimer <t...@opennet.ca> wrote:
>
> > xor [rsp], rsp
> >
> > at the start of each function, and before every RET.
>
> Wouldn't this break with alloca() or C99 VLAs?
> %rbp may work better, if the frame pointer is
> retained.
If alloca or C99 VLAs would break with this, then RET is broken with alloca and C99 VLAs. At the time of the RET, %rsp *must* point to the return address, or else RET will pop the wrong thing. So as long as we insert the xor as the first instruction in the function preamble, then we will xor the return pointer before alloca or VLAs have an opportunity to modify %rsp, so when we later RET, we can xor it back.

Of course, I am happy to be proven wrong. If you can demonstrate a test case where this breaks things, then please send it along and we can see about fixing it.

Cheers,
Todd
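The argument above, worked through on a toy model of the x86-64 stack. This is an added illustration, not code from the thread or from OpenBSD's compiler changes: it assumes an arbitrary stack base address (STACK_BASE), 8-byte stack words, and a conventional frame-pointer prologue/epilogue (push rbp / mov rbp, rsp ... mov rsp, rbp / pop rbp) so that %rsp is back on the return address before the second xor. It shows that a runtime alloca between the two xors does not disturb the round trip, and that a return-address slot overwritten while the frame is live no longer decodes to the value that was written into it.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Toy model of the x86-64 stack: 8-byte words, growing down. Constructed
 * for illustration only; not OpenBSD's or the thread author's code. */
#define STACK_WORDS 64
#define STACK_BASE  0x7ffc00000000ULL   /* assumed, arbitrary stack address */

typedef struct {
    uint64_t mem[STACK_WORDS];
    uint64_t rsp;   /* current stack pointer (an address) */
    uint64_t rbp;   /* frame pointer, used by the epilogue to restore rsp */
} machine;

static uint64_t *slot(machine *m, uint64_t addr) {
    return &m->mem[(addr - STACK_BASE) / 8];
}

static void machine_init(machine *m) {
    for (size_t i = 0; i < STACK_WORDS; i++) m->mem[i] = 0;
    m->rsp = STACK_BASE + 8 * (STACK_WORDS - 1);
    m->rbp = 0;
}

/* CALL: push the return address; on entry rsp points at it. */
static void do_call(machine *m, uint64_t retaddr) {
    m->rsp -= 8;
    *slot(m, m->rsp) = retaddr;
}

/* Prologue: the very first instruction is "xor [rsp], rsp", executed while
 * rsp still points at the return address, before any frame or alloca
 * adjustment. Then the usual frame setup. */
static void prologue(machine *m) {
    *slot(m, m->rsp) ^= m->rsp;      /* xor [rsp], rsp */
    m->rsp -= 8;
    *slot(m, m->rsp) = m->rbp;       /* push rbp */
    m->rbp = m->rsp;                 /* mov rbp, rsp */
}

/* alloca()/C99 VLA: move rsp down by a runtime-chosen amount. */
static void do_alloca(machine *m, uint64_t bytes) {
    m->rsp -= (bytes + 7) & ~7ULL;
}

/* Epilogue: "mov rsp, rbp; pop rbp" puts rsp back exactly where it was at
 * entry, so "xor [rsp], rsp" undoes the prologue's xor, and RET pops. */
static uint64_t epilogue_ret(machine *m) {
    m->rsp = m->rbp;                 /* mov rsp, rbp */
    m->rbp = *slot(m, m->rsp);       /* pop rbp */
    m->rsp += 8;
    *slot(m, m->rsp) ^= m->rsp;      /* xor [rsp], rsp: same rsp value as at entry */
    uint64_t target = *slot(m, m->rsp);  /* ret */
    m->rsp += 8;
    return target;
}

/* Normal path: call, prologue, alloca of any size, epilogue. Returns the
 * address RET would transfer to; it must equal the original return address. */
uint64_t run_normal(uint64_t retaddr, uint64_t alloca_bytes) {
    machine m;
    machine_init(&m);
    do_call(&m, retaddr);
    prologue(&m);
    do_alloca(&m, alloca_bytes);
    return epilogue_ret(&m);
}

/* Corruption path: the saved return-address slot is overwritten with a new
 * value while the function is live (the effect of a stack buffer overflow).
 * The epilogue's xor with rsp scrambles that value, so RET does not land on
 * the value that was written into the slot. */
uint64_t run_overwritten(uint64_t retaddr, uint64_t overwrite) {
    machine m;
    machine_init(&m);
    do_call(&m, retaddr);
    prologue(&m);
    do_alloca(&m, 40);
    uint64_t ret_slot = m.rbp + 8;   /* the slot just above the saved rbp */
    *slot(&m, ret_slot) = overwrite;
    return epilogue_ret(&m);
}

/* True when RET would transfer to the expected address. */
bool returns_to(uint64_t got, uint64_t expected) { return got == expected; }

int main(void) {
    uint64_t ra = 0x401234;
    printf("normal, alloca(24): %s\n",
           returns_to(run_normal(ra, 24), ra) ? "ok" : "BROKEN");
    printf("slot overwritten:   %s\n",
           run_overwritten(ra, 0xdeadbeefULL) == 0xdeadbeefULL
               ? "written value used" : "written value scrambled by the xor");
    return 0;
}
```

The model makes the point of the reply concrete: alloca and VLAs only change %rsp between the two xors, and any epilogue that restores %rsp to its entry value (here via the frame pointer) makes the second xor exact. A scheme that xored against %rbp instead would need the frame pointer to be retained in every function; xoring against %rsp at entry and at RET needs only what RET already requires.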