1 |
On 12/24/2017 02:43 AM, Adam Carter wrote: |
2 |
> Oh I just noticed that vtv is now default enabled for gcc, so you |
3 |
> could try; |
4 |
> |
5 |
> CXXFLAGS="${CFLAGS} -fvtable-verify=std" |
6 |
> |
7 |
> I tried this on earlier gccs, and there was a fair bit of breakage so |
8 |
> i didnt persue it. Maybe i'll re-try with 7.2 to see how things have |
9 |
> progressed. |
10 |
|
11 |
Would you please elaborate on what types of breakage you saw? |
12 |
|
13 |
> "security feature that verifies at run time, for every virtual call, |
14 |
> that the vtable pointer through which the call is made is valid for the |
15 |
> type of the object, and has not been corrupted or overwritten. If an |
16 |
> invalid vtable pointer is detected at run time, an error is reported |
17 |
> and execution of the program is immediately halted" |
18 |
|
19 |
I'm extremely new to these types of thing and don't truly understand the |
20 |
failure mode of things like this. It sound slike vtable-verify will |
21 |
conceptually make things more secure. But I don't know enough to know |
22 |
how likely believed to be perfectly happy code will pass or fail such |
23 |
vtable verifications. |
24 |
|
25 |
|
26 |
|
27 |
-- |
28 |
Grant. . . . |
29 |
unix || die |