GeistHaus
log in · sign up

Instrumentation Options (Using the GNU Compiler Collection (GCC))

gcc.gnu.org

Instrumentation Options (Using the GNU Compiler Collection (GCC))

15 pages link to this URL
Hardening C/C++ Programs Part I – Stack Protector
Productive C++ Author Martin

When C, C++ and the Internet were conceived, they were mostly used by academics. Attacks on computer systems were rare, since there was not much incentive to it, so there did not have to be

0 inbound links article en Hardening clanggccHardeningSecurity
Leveraging Your Toolchain to Improve Security - Embedded Artistry
Embedded Artistry LLC; Embedded Artistry Phillip Johnston

20 September 2023 by Phillip Johnston • Last updated 28 September 2023Your toolchain is a useful place to start when incorporating security into your development process. There are several warnings and program augmentations that help harden your application. This article focuses on GCC and Clang, as that’s what I primarily use. I’m happy to take … Continue reading "Leveraging Your Toolchain to Improve Security"

0 inbound links article en Uncategorized clanggccSecurity
Faulty Stack Smashing Protection on ARM Systems
Invd Blog Christian Reitter

I discovered during the analysis of the CVE-2021-31616 vulnerability that the stack canary logic in the KeepKey firmware was broken and could be bypassed to perform practical stack smashing attacks. Further investigation revealed that the incorrect stack protection assembler code is produced through a bug in certain GCC 9 and GCC 10 compiler versions for ARM, where it has been present for about a year. This problem has the potential to affect a wide range of ARM based embedded systems.

1 inbound link article en
Compiler Options Hardening Guide for C and C++
Open Source Security Foundation (OpenSSF) Open Source Security Foundation

This is a list of materials (documents, services, and so on) released by the Open Source Security Foundation (OpenSSF) Best Practices Working Group (WG).

7 inbound links website en