Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / musl / 74a28a8af21977ebbc2945beb879f1b9b6ff13ba
commit74a28a8af21977ebbc2945beb879f1b9b6ff13ba[log] [tgz]
authorjvoisin <julien.voisin@dustri.org>Mon Dec 13 21:05:19 2021 +0100
committerRich Felker <dalias@aerifal.cx>Tue Mar 08 16:52:25 2022 -0500
treebdd571f09e938573bae3a579dc2f0e817b0c805a
parent7c0c7a75ec8ecf3eedefc40bb4dae5aaa76d7108 [diff]
protect stack canary from leak via read-as-string by zeroing second byte

This reduces entropy of the canary from 64-bit to 56-bit in exchange
for mitigating non-terminated C string overflows by setting the second
byte of the canary to nul, so that off-by-one write overflow with a
nul byte can still be detected.

Idea from GrapheneOS bionic commit 7024d880b51f03a796ff8832f1298f2f1531fd7b
1 file changed
tree: bdd571f09e938573bae3a579dc2f0e817b0c805a
  1. arch/
  2. compat/
  3. crt/
  4. dist/
  5. include/
  6. ldso/
  7. src/
  8. tools/
  9. .gitignore
  10. .mailmap
  11. configure
  12. COPYRIGHT
  13. dynamic.list
  14. INSTALL
  15. Makefile
  16. README
  17. VERSION
  18. WHATSNEW