[Bug 1820798] [NEW] hardening-check: add support for detecting stack clash protected binaries
Alex Murray
alex.murray at canonical.com
Tue Mar 19 06:27:33 UTC 2019
Public bug reported:
The security team is in the process of making -fstack-clash-protection
enabled by default in gcc-8/9 for 19.10 / 20.04. To support this it is
useful to be able to detect binaries which include this new feature via
hardening-check. Unlike previous features this can only be detected by
looking for the sequence of instructions which perform this feature in
the disassembly output via objdump.
** Affects: devscripts (Ubuntu)
Importance: Undecided
Status: New
** Patch added: "debdiff against current version in disco to add this feature"
https://bugs.launchpad.net/bugs/1820798/+attachment/5247482/+files/devscripts_2.19.3ubuntu0.1.debdiff
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to devscripts in Ubuntu.
https://bugs.launchpad.net/bugs/1820798
Title:
hardening-check: add support for detecting stack clash protected
binaries
Status in devscripts package in Ubuntu:
New
Bug description:
The security team is in the process of making -fstack-clash-protection
enabled by default in gcc-8/9 for 19.10 / 20.04. To support this it is
useful to be able to detect binaries which include this new feature
via hardening-check. Unlike previous features this can only be
detected by looking for the sequence of instructions which perform
this feature in the disassembly output via objdump.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/devscripts/+bug/1820798/+subscriptions
More information about the foundations-bugs
mailing list