|
|
|
|
|
|
by masklinn
4006 days ago
|
|
|
According to https://github.com/Microsoft/clang/blob/master/docs/SafeStac... safestack alone doesn't fully protect against ROP: > With SafeStack alone, an attacker can overwrite a function pointer on the heap or the unsafe stack and cause a program to call arbitrary location, which in turn might enable stack pivoting and return-oriented programming. And you need additional features (such as CPI from the paper you and the commit message link to) for full protection. |
|
|