mikros/rust
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rollup merge of #111722 - mrcnski:stack-protector-doc, r=rcvalle

Browse Source 
Document stack-protector option

Only updated `exploit-mitigations.md` to reflect that the option exists. Removed the alternatives mentioned as they are not actually implemented yet.

As this is an unstable feature, should it be added to `unstable-book` also? [Example](https://doc.rust-lang.org/beta/unstable-book/compiler-flags/sanitizer.html). I didn't do that because I couldn't find the tracking issue for stack-protector. (There should be one to track stabilization of the feature, I think?)

cc `@rcvalle`
This commit is contained in:
Matthias Krüger 2023-05-23 19:53:41 +02:00 committed by GitHub
commit ee08dd8658
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/doc/rustc/src/exploit-mitigations.md
View File

@ -115,9 +115,9 @@ equivalent.
<tr>
<td>Stack smashing protection
</td>
<td>No
<td>Yes
</td>
<td>
<td>Nightly
</td>
</tr>
<tr>
@ -432,18 +432,16 @@ saved return instruction pointer, and checking if this value has changed
when returning from a function. This is also known as “Stack Protector” or
“Stack Smashing Protector (SSP)”.
The Rust compiler does not support stack smashing protection. However, more
comprehensive alternatives to stack smashing protection exist, such as
shadow and safe stack (see backward-edge control flow protection).
The Rust compiler supports stack smashing protection on nightly builds[42].
![Screenshot of IDA Pro listing cross references to __stack_chk_fail in hello-rust.](images/image3.png "Cross references to __stack_chk_fail in hello-rust.")
Fig. 14. IDA Pro listing cross references to `__stack_chk_fail` in
hello-rust.
To check if stack smashing protection is enabled for a given binary, search
for cross references to `__stack_chk_fail`. The only cross references to
`__stack_chk_fail` in hello-rust are from the statically-linked libbacktrace
library (see Fig. 14).
for cross references to `__stack_chk_fail`. The presence of these
cross-references in Rust-compiled code (e.g., `hello_rust::main`) indicates
that the stack smashing protection is enabled (see Fig. 14).
### Forward-edge control flow protection
@ -697,3 +695,6 @@ defaults (unrelated to `READ_IMPLIES_EXEC`).
41. “ControlFlowIntegrity.” The Rust Unstable Book.
[https://doc.rust-lang.org/unstable-book/compiler-flags/sanitizer.html#controlflowintegrity](../unstable-book/compiler-flags/sanitizer.html#controlflowintegrity).
42. bbjornse. “add codegen option for using LLVM stack smash protection #84197.”
GitHub. <https://github.com/rust-lang/rust/pull/84197>

BIN
src/doc/rustc/src/images/image3.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 71 KiB

After

Width:  |  Height:  |  Size: 19 KiB