security: update docs
Add/update information about format string vulnerability
protections and stack protections.
Change-Id: I3b1f37253469dfb0f57303cf1831aeb771fc673e
diff --git a/src/tech/security/index.md b/src/tech/security/index.md
index 4c598a9..2b55206 100644
--- a/src/tech/security/index.md
+++ b/src/tech/security/index.md
@@ -321,7 +321,7 @@
+ Address Space Layout Randomization (ASLR) to randomize key locations in memory
+ Hardware-based No eXecute (NX) to prevent code execution on the stack and heap
-+ ProPolice to prevent stack buffer overruns
++ ProPolice to prevent stack buffer overruns (-fstack-protector)
+ safe_iop to reduce integer overflows
+ Extensions to OpenBSD dlmalloc to prevent double free() vulnerabilities and
to prevent chunk consolidation attacks. Chunk consolidation attacks are a
@@ -329,6 +329,7 @@
+ OpenBSD calloc to prevent integer overflows during memory allocation
+ Linux mmap_min_addr() to mitigate null pointer dereference privilege
escalation
++ Format string vulnerability protections (-Wformat-security -Werror=format-security)
##Rooting of Devices