Enable trivial auto var init #1749
Labels
Comments
|
You can open a Pull Request |
BayLee4
added a commit
to BayLee4/bromite
that referenced
this issue
Feb 4, 2022
…' and enable 'Strict Origin Isolation' by default
BayLee4
added a commit
to BayLee4/bromite
that referenced
this issue
Feb 4, 2022
…' and enable 'Strict Origin Isolation' by default
BayLee4
added a commit
to BayLee4/bromite
that referenced
this issue
Feb 4, 2022
…' and enable 'Strict Origin Isolation' by default
BayLee4
added a commit
to BayLee4/bromite
that referenced
this issue
Feb 4, 2022
csagan5
changed the title
csagan5
pushed a commit
that referenced
this issue
Feb 5, 2022
|
Fixed in |
ChanningPromethean
pushed a commit
to PrometheanWorld/bromite
that referenced
this issue
May 12, 2023
ChanningPromethean
pushed a commit
to PrometheanWorld/bromite
that referenced
this issue
May 12, 2023
…the latest version, from 95.0.4638.78 -> 98.0.4758.108 Merge in AP/chromiumpatches from upstream-98.0.4758.108 to master * commit 'ea477210f4f7c4f64f0749d3e09f1f606116a82a': (46 commits) update to 98.0.4758.108, fix the conflict Release 98.0.4758.108 Patches for v98 (bromite#1806) Fix an URL in FAQs (bromite#1815) Remove unused patch Release 97.0.4692.106 Patches for v97 (bromite#1795) Updated automated domain substitution patch Rename GN_ARGS -> bromite.gn_args Add missing architectures Adjust issue forms Minor patch updates for v97 Migrate to using GitHub issue forms Add FAQ about default search engine Remove [PATCH] from patches Resolve issue bromite#1749 : build with '-ftrivial-auto-var-init=zero' Release 96.0.4664.183 Update zh_CN translations (bromite#1696) Updated CHANGELOG Release 96.0.4664.104 ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to privacy?
Not really, it's mostly related to security.
Is there a patch available for this feature somewhere?
Yes : https://github.com/GrapheneOS/Vanadium/tree/12/patches
Describe the solution you would like
Merge the patches using the Clang compile option
-ftrivial-auto-var-init=zeroas it prevents memory corruption vulnerabilities related to uninitialized memory.enable-ftrivial-auto-var-init-zero.patch
disable-broken-warning-for-auto-var-init.patch
Merge the patch enabling by default the
Strict Origin Isolationflag, it should have no impact for devices with low memory as (afaik) Site Isolation is already disabled for them, and it increase the security of devices with sufficient memory. Enabling it would also help with #1720.Enable-strict-origin-isolation-by-default.patch
Describe alternatives you have considered
•
-ftrivial-auto-var-init=zerorelated patches : No simple alternative, as it's a compile time flag.•
Strict Origin Isolationrelated patch : Keep the flag disabled, and let users manually enabling it inchrome://flagsif they want to.The text was updated successfully, but these errors were encountered: