[tor-bugs] #20361 [Applications/Tor Browser]: Investigate CFI means for usage in Tor Browser

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Mar 11 20:12:20 UTC 2017


#20361: Investigate CFI means for usage in Tor Browser
----------------------------------------+--------------------------
 Reporter:  gk                          |          Owner:  tbb-team
     Type:  task                        |         Status:  new
 Priority:  Medium                      |      Milestone:
Component:  Applications/Tor Browser    |        Version:
 Severity:  Normal                      |     Resolution:
 Keywords:  tbb-security, tbb-hardened  |  Actual Points:
Parent ID:                              |         Points:
 Reviewer:                              |        Sponsor:
----------------------------------------+--------------------------

Comment (by gk):

 Arthur looked at it recently a bit (in #21711):
 {{{
 I tried to build tor-browser.git using -fsanitize=cfi and I ran into the
 following bug that was reported recently:
 http://lists.llvm.org/pipermail/llvm-dev/2017-February/109861.html

 Fortunately, it seems this bug has been fixed in clang 4.0. Binaries for
 clang 4.0.0 should be available in a few days so I will try again then.

 See https://clang.llvm.org/docs/ControlFlowIntegrity.html
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20361#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list