diff options
author | Thomas Weißschuh <linux@weissschuh.net> | 2023-05-21 11:36:31 +0200 |
---|---|---|
committer | Paul E. McKenney <paulmck@kernel.org> | 2023-06-09 11:46:08 -0700 |
commit | 88fc7eb54ecc6db8b773341ce39ad201066fa7da (patch) | |
tree | b4c5eb62c9f06d045c4daf6d0fe85287af3ddfec /tools/include | |
parent | 7a9b2345202a14dfec9081994486156f7a691513 (diff) |
tools/nolibc: ensure stack protector guard is never zero
The all-zero pattern is one of the more probable out-of-bound writes so
add a special case to not accidentally accept it.
Also it enables the reliable detection of stack protector initialization
during testing.
Signed-off-by: Thomas Weißschuh <linux@weissschuh.net>
Signed-off-by: Willy Tarreau <w@1wt.eu>
Signed-off-by: Paul E. McKenney <paulmck@kernel.org>
Diffstat (limited to 'tools/include')
-rw-r--r-- | tools/include/nolibc/stackprotector.h | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/tools/include/nolibc/stackprotector.h b/tools/include/nolibc/stackprotector.h index 77e5251c4490..b0156fc077a0 100644 --- a/tools/include/nolibc/stackprotector.h +++ b/tools/include/nolibc/stackprotector.h @@ -45,8 +45,9 @@ __attribute__((weak,no_stack_protector,section(".text.nolibc_stack_chk"))) void __stack_chk_init(void) { my_syscall3(__NR_getrandom, &__stack_chk_guard, sizeof(__stack_chk_guard), 0); - /* a bit more randomness in case getrandom() fails */ - __stack_chk_guard ^= (uintptr_t) &__stack_chk_guard; + /* a bit more randomness in case getrandom() fails, ensure the guard is never 0 */ + if (__stack_chk_guard != (uintptr_t) &__stack_chk_guard) + __stack_chk_guard ^= (uintptr_t) &__stack_chk_guard; } #endif /* defined(NOLIBC_STACKPROTECTOR) */ |