commit | 74a28a8af21977ebbc2945beb879f1b9b6ff13ba | |
---|---|---|
author | jvoisin <julien.voisin@dustri.org> | Mon Dec 13 21:05:19 2021 +0100 |
committer | Rich Felker <dalias@aerifal.cx> | Tue Mar 08 16:52:25 2022 -0500 |
tree | bdd571f09e938573bae3a579dc2f0e817b0c805a | |
parent | 7c0c7a75ec8ecf3eedefc40bb4dae5aaa76d7108 | |

protect stack canary from leak via read-as-string by zeroing second byte

This reduces entropy of the canary from 64-bit to 56-bit in exchange for mitigating non-terminated C string overflows by setting the second byte of the canary to nul, so that off-by-one write overflow with a nul byte can still be detected.

Idea from GrapheneOS bionic commit 7024d880b51f03a796ff8832f1298f2f1531fd7b
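
The trade-off described in the commit message, as an added example that is not code from this commit or its project: a small C model comparing a fully random canary, a canary with a nul first byte, and a canary with a nul second byte against a read-as-string leak and an off-by-one nul write. The function names and the entropy bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample entropy (all bytes non-zero); not a real canary. */
static const unsigned char SAMPLE_ENTROPY[8] =
    { 0x3c, 0xa7, 0x51, 0xe9, 0x14, 0x8b, 0xd2, 0x6f };

/* Hypothetical helper: build a 64-bit canary from 8 entropy bytes and zero
 * the byte at memory index nul_at (-1 keeps all 64 bits random). Indexing
 * bytes in memory keeps the layout independent of endianness. */
static uint64_t make_canary(const unsigned char entropy[8], int nul_at)
{
    uint64_t c;
    memcpy(&c, entropy, sizeof c);
    if (nul_at >= 0 && nul_at < 8)
        ((unsigned char *)&c)[nul_at] = 0;
    return c;
}

/* Canary bytes disclosed when an unterminated buffer directly below the
 * canary is read as a C string: the read stops at the first nul byte. */
static size_t leaked_canary_bytes(uint64_t canary)
{
    const unsigned char *b = (const unsigned char *)&canary;
    const unsigned char *nul = memchr(b, 0, sizeof canary);
    return nul ? (size_t)(nul - b) : sizeof canary;
}

/* Off-by-one overflow that writes a single nul terminator onto the first
 * canary byte. Returns 1 if the canary comparison would notice it. */
static int detects_off_by_one_nul(uint64_t canary)
{
    uint64_t clobbered = canary;
    ((unsigned char *)&clobbered)[0] = 0;
    return clobbered != canary;
}

int main(void)
{
    static const int layouts[] = { -1, 0, 1 };
    for (size_t i = 0; i < sizeof layouts / sizeof layouts[0]; i++) {
        uint64_t c = make_canary(SAMPLE_ENTROPY, layouts[i]);
        printf("nul_at=%2d leaked=%zu off_by_one_detected=%d\n",
               layouts[i], leaked_canary_bytes(c), detects_off_by_one_nul(c));
    }
    return 0;
}
```

With the nul in the second byte, a string read still discloses the first canary byte, and the off-by-one nul write goes unnoticed in the 1-in-256 case where that random first byte is already zero.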