Open Bug 1468382 Opened 6 years ago Updated 3 months ago

Remove -fsanitize-cfi-icall-generalize-pointers

Categories: Core :: Security, defect

People: Reporter: tjr, Unassigned

References: Blocks 1 open bug

Initially, I'm throwing this flag across the entire codebase. That's far from ideal; it weakens CFI icall by making it much more coarse.

Ideally:
 - All Mozilla code is fixed to not need it
 - It is applied to either individual third-party libraries or (preferably) individual source code files in them
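The kind of call site that needs the flag, and the source fix that removes the need, as an added example (not code from this bug or from Mozilla's tree; every name in it is hypothetical). Built with clang using `-flto -fvisibility=hidden -fsanitize=cfi-icall`, running the binary with any argument takes the mismatched path and the CFI check fails; adding `-fsanitize-cfi-icall-generalize-pointers` lets that call through.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef int (*cmp_fn)(const void *, const void *);

/* Insertion sort over an array of pointers. The indirect call to cmp()
 * is the call site that -fsanitize=cfi-icall instruments. */
static void sort_ptrs(const void **items, size_t n, cmp_fn cmp) {
    for (size_t i = 1; i < n; i++) {
        const void *key = items[i];
        size_t j = i;
        while (j > 0 && cmp(items[j - 1], key) > 0) {
            items[j] = items[j - 1];
            j--;
        }
        items[j] = key;
    }
}

/* Before: int(const char *, const char *) is not cmp_fn's type, so strict
 * cfi-icall rejects the call. With generalized pointers, const char * and
 * const void * count as the same type and the check passes. */
static int cmp_typed(const char *a, const char *b) { return strcmp(a, b); }

/* After: exact cmp_fn signature; the conversion happens inside the callee. */
static int cmp_exact(const void *a, const void *b) {
    return strcmp((const char *)a, (const char *)b);
}

/* Sorts in place; use_mismatch selects the "before" callback. Needs n >= 1. */
int sort_names(const void **names, size_t n, int use_mismatch) {
    cmp_fn cmp = use_mismatch ? (cmp_fn)cmp_typed : cmp_exact;
    sort_ptrs(names, n, cmp);
    return strcmp((const char *)names[0], (const char *)names[n - 1]) <= 0;
}

int main(int argc, char **argv) {
    const void *names[] = {"delta", "alpha", "charlie", "bravo"}; /* constructed */
    (void)argv;
    int ok = sort_names(names, 4, argc > 1);
    for (size_t i = 0; i < 4; i++) puts((const char *)names[i]);
    return ok ? 0 : 1;
}
```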

Is this bug still active?

At the moment, we are not working on CFI, so this flag is not in the codebase. If/when we do deploy CFI, we will likely initially land it with this flag and then work to remove it.

Severity: normal → S3