[clang] [PAC] Implement authentication for C++ member function pointers (PR #99576)

Daniil Kovalev via cfe-commits Sun, 21 Jul 2024 16:40:47 -0700

================
@@ -1036,9 +1155,32 @@ llvm::Constant *ItaniumCXXABI::BuildMemberPointer(const 
CXXMethodDecl *MD,
       //   least significant bit of adj then makes exactly the same
       //   discrimination as the least significant bit of ptr does for
       //   Itanium.
-      MemPtr[0] = llvm::ConstantInt::get(CGM.PtrDiffTy, VTableOffset);
-      MemPtr[1] = llvm::ConstantInt::get(CGM.PtrDiffTy,
-                                         2 * ThisAdjustment.getQuantity() + 1);
+
+      // We cannot use the Itanium ABI's representation for virtual member
+      // function pointers under pointer authentication because it would
+      // require us to store both the virtual offset and the constant
+      // discriminator in the pointer, which would be immediately vulnerable
----------------
kovdan01 wrote:


> which would be immediately vulnerable to attack

Nit: it's probably worth adding a bit more explanation for future code readers 
who are not deeply integrated into pauth context.

Feel free to ignore.

https://github.com/llvm/llvm-project/pull/99576
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[clang] [PAC] Implement authentication for C++ member function pointers (PR #99576)

Reply via email to