-
-
Notifications
You must be signed in to change notification settings - Fork 368
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable trivial auto var init #1749
Labels
Comments
You can open a Pull Request |
BayLee4
added a commit
to BayLee4/bromite
that referenced
this issue
Feb 4, 2022
…' and enable 'Strict Origin Isolation' by default
BayLee4
added a commit
to BayLee4/bromite
that referenced
this issue
Feb 4, 2022
…' and enable 'Strict Origin Isolation' by default
BayLee4
added a commit
to BayLee4/bromite
that referenced
this issue
Feb 4, 2022
…' and enable 'Strict Origin Isolation' by default
BayLee4
added a commit
to BayLee4/bromite
that referenced
this issue
Feb 4, 2022
csagan5
changed the title
Merge some Vanadium security patches
Enable trivial auto var init
Feb 4, 2022
csagan5
pushed a commit
that referenced
this issue
Feb 5, 2022
Fixed in |
ChanningPromethean
pushed a commit
to PrometheanWorld/bromite
that referenced
this issue
May 12, 2023
ChanningPromethean
pushed a commit
to PrometheanWorld/bromite
that referenced
this issue
May 12, 2023
…the latest version, from 95.0.4638.78 -> 98.0.4758.108 Merge in AP/chromiumpatches from upstream-98.0.4758.108 to master * commit 'ea477210f4f7c4f64f0749d3e09f1f606116a82a': (46 commits) update to 98.0.4758.108, fix the conflict Release 98.0.4758.108 Patches for v98 (bromite#1806) Fix an URL in FAQs (bromite#1815) Remove unused patch Release 97.0.4692.106 Patches for v97 (bromite#1795) Updated automated domain substitution patch Rename GN_ARGS -> bromite.gn_args Add missing architectures Adjust issue forms Minor patch updates for v97 Migrate to using GitHub issue forms Add FAQ about default search engine Remove [PATCH] from patches Resolve issue bromite#1749 : build with '-ftrivial-auto-var-init=zero' Release 96.0.4664.183 Update zh_CN translations (bromite#1696) Updated CHANGELOG Release 96.0.4664.104 ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to privacy?
Not really, it's mostly related to security.
Is there a patch available for this feature somewhere?
Yes : https://github.com/GrapheneOS/Vanadium/tree/12/patches
Describe the solution you would like
Merge the patches using the Clang compile option
-ftrivial-auto-var-init=zero
as it prevents memory corruption vulnerabilities related to uninitialized memory.enable-ftrivial-auto-var-init-zero.patch
disable-broken-warning-for-auto-var-init.patch
Merge the patch enabling by default the
Strict Origin Isolation
flag, it should have no impact for devices with low memory as (afaik) Site Isolation is already disabled for them, and it increase the security of devices with sufficient memory. Enabling it would also help with #1720.Enable-strict-origin-isolation-by-default.patch
Describe alternatives you have considered
•
-ftrivial-auto-var-init=zero
related patches : No simple alternative, as it's a compile time flag.•
Strict Origin Isolation
related patch : Keep the flag disabled, and let users manually enabling it inchrome://flags
if they want to.The text was updated successfully, but these errors were encountered: