[Bug 2200] RFE: Solaris should compile Xserver and X11 applications
with -xcheck=stkovf
bugzilla-daemon@freedesktop.org
bugzilla-daemon@freedesktop.org
Mon Jan 3 08:51:14 PST 2005
Please do not reply to this email: if you want to comment on the bug, go to
the URL shown below and enter yourcomments there.
https://bugs.freedesktop.org/show_bug.cgi?id=2200
------- Additional Comments From alan.coopersmith@sun.com 2005-01-03 08:51 -------
The only stack overflows (other than buffer overflows on the stack which
get fixed other ways) I remember seeing in X servers on Solaris have been
attempts to allocate way too much memory via alloca() - personally I'd rather
solve those by removing alloca() as its lack of any way to check errors is
not a good design.
We get a limited amount of protection against overflow exploits on SPARC & AMD64
platforms by linking with mapfiles that mark stack & data segments as
non-executable (see /usr/lib/ld/map.noexstk & on Solaris 10
/usr/lib/ld/map.noexdata - limited because it doesn't prevent all classes of
exploits, just the easier ones).
--
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the xorg-bugzilla-noise
mailing list