From 21517923e13bf608675fa5cd6c2ba9187105e210 Mon Sep 17 00:00:00 2001 From: Marcin S Date: Thu, 18 May 2023 08:44:00 -0400 Subject: [PATCH] Document stack-protector option Only updated `exploit-mitigations.md` to reflect that the option exists. Removed the alternatives mentioned as they are not actually implemented yet. As this is an unstable feature, should it be added to `unstable-book` also? I didn't do that because I couldn't find the tracking issue for it. (There should be one to track stabilization of the feature.) --- src/doc/rustc/src/exploit-mitigations.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/doc/rustc/src/exploit-mitigations.md b/src/doc/rustc/src/exploit-mitigations.md index 98b49e07171c..a677cd4b389a 100644 --- a/src/doc/rustc/src/exploit-mitigations.md +++ b/src/doc/rustc/src/exploit-mitigations.md @@ -115,9 +115,9 @@ equivalent. Stack smashing protection - No + Yes - + Nightly @@ -432,9 +432,7 @@ saved return instruction pointer, and checking if this value has changed when returning from a function. This is also known as “Stack Protector” or “Stack Smashing Protector (SSP)”. -The Rust compiler does not support stack smashing protection. However, more -comprehensive alternatives to stack smashing protection exist, such as -shadow and safe stack (see backward-edge control flow protection). +The Rust compiler supports stack smashing protection on nightly builds[42]. ![Screenshot of IDA Pro listing cross references to __stack_chk_fail in hello-rust.](images/image3.png "Cross references to __stack_chk_fail in hello-rust.") Fig. 14. IDA Pro listing cross references to `__stack_chk_fail` in @@ -697,3 +695,6 @@ defaults (unrelated to `READ_IMPLIES_EXEC`). 41. “ControlFlowIntegrity.” The Rust Unstable Book. [https://doc.rust-lang.org/unstable-book/compiler-flags/sanitizer.html#controlflowintegrity](../unstable-book/compiler-flags/sanitizer.html#controlflowintegrity). + +42. bbjornse. “add codegen option for using LLVM stack smash protection #84197.” + GitHub.