Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add control flow integrity (cfi) #16

Open
tarakby opened this issue Sep 5, 2024 · 1 comment
Open

add control flow integrity (cfi) #16

tarakby opened this issue Sep 5, 2024 · 1 comment
Assignees
@tarakby
Labels
enhancement New feature or request

Comments

@tarakby
Copy link
Collaborator

tarakby commented Sep 5, 2024

Issue to be solved

Add cfi in the C flags to protect the package against non intended code execution flows in the package.

CFI only available on clang and linux, and can be added by extending CFLAGS to include -fvisibility=hidden -flto -fsanitize=cfi.
The feature should be added only when building with clang on linux. Enforcing CFI for all usage of the package forces users to use clang which may add friction to importing the package.

original issue is onflow/flow-go#3668.

Suggested Solution

No response
@tarakby tarakby self-assigned this Sep 5, 2024
@tarakby tarakby mentioned this issue Sep 5, 2024
Closed
@tarakby
Copy link
Collaborator Author

tarakby commented Sep 5, 2024

draft PR to enable CFI: #14

@tarakby tarakby added the enhancement New feature or request label Sep 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tarakby tarakby

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tarakby