[tor-bugs] #12420 [Tor bundles/installation]: Investigate deploying STACK to check for optimization-unstable code
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jun 18 14:55:44 UTC 2014
#12420: Investigate deploying STACK to check for optimization-unstable code
--------------------------------------+-----------------------
Reporter: gk | Owner: erinn
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor bundles/installation | Version:
Keywords: tbb-security | Actual Points:
Parent ID: | Points:
--------------------------------------+-----------------------
Optimization-unstable code (code that is unexpectedly eliminated by
compiler optimizations due to undefined behavior in the program) can lead
to serious bugs in programs. We should think about deploying STACK, which
helps to detect this class of bugs, when building our hardened bundles at
least. Relevant reading material:
http://kqueue.org/blog/2013/09/17/cltq/
http://css.csail.mit.edu/stack/
http://pdos.csail.mit.edu/papers/stack:sosp13.pdf
http://pdos.csail.mit.edu/papers/ub:apsys12.pdf
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12420>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list