[Bug 2200] RFE: Solaris should compile Xserver and X11 applications with -xcheck=stkovf

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Mon Mar 7 13:16:30 PST 2005


Please do not reply to this email: if you want to comment on the bug, go to    
       
the URL shown below and enter yourcomments there.     
   
https://bugs.freedesktop.org/show_bug.cgi?id=2200          
     




------- Additional Comments From roland.mainz at nrubsig.org  2005-03-07 13:16 -------
(In reply to comment #3)
> The only stack overflows (other than buffer overflows on the stack which 
> get fixed other ways) I remember seeing in X servers on Solaris have been 
> attempts to allocate way too much memory via alloca() - personally I'd rather
> solve those by removing alloca() as its lack of any way to check errors is
> not a good design.

OK... should be close this bug as WONTFIX then ?

> We get a limited amount of protection against overflow exploits on SPARC & AMD64 
> platforms by linking with mapfiles that mark stack & data segments as
> non-executable (see /usr/lib/ld/map.noexstk & on Solaris 10 
> /usr/lib/ld/map.noexdata - limited because it doesn't prevent all classes of
> exploits, just the easier ones).

Which compiler switch is needed to get that working in Solaris 10 ?          
     
     
--           
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email         
     
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.


More information about the xorg-bugzilla-noise mailing list