On Wed, Aug 21, 2013 at 04:43:13PM +0200, Stephen Röttger wrote: > Hi everyone, > > I'd like to present you my master's thesis "Malicious Code Execution > Prevention through Function Pointer Protection" [0] and its > proof-of-concept implementation [1] for the gcc+glibc and would > appreciate some feedback. >
> > Performance: > Though my PoC implementation is not free of bugs, I was able to compile > an nginx webserver and have it serve static websites, which I used for a > performance evaluation. On my test system, the number of requests per > second that the nginx could was reduced to 96% compared to a nginx > without the scheme. Handling of a single request included 71 function > pointer calls in this case. (More details can be found in my thesis [0]) > What is performance impact for program that just qsorts big array? It looks like worst case scenario for me. Well now when gcc-4.7 can resolve function pointers it is possible to create header to inline comparison but still.
