[asterisk-users] Use of undeclared identifier 'pvt' in asterisk-12.4.0

Jeffrey Walton noloader at gmail.com
Sat Jul 26 04:07:12 CDT 2014


On Fri, Jul 25, 2014 at 1:45 PM, Matthew Jordan <mjordan at digium.com> wrote:
> ...
> The use of RAII_VAR has saved the Asterisk project on countless
> defects: memory leaks, reference leaks, port leaks, deadlocks on off
> nominal paths, all sorts of ills.
The problem is not with RAII_VAR. Its a good pattern, and I often use similar.

The issue is GCC's particular implementation of nested functions.

Diederik de Groot offered a very good alternative in the report cited
by Joshua Colp. Its a very good alternative because it avoids the
problems cause by GCC's implementation of nested functions. And it
allows an operator to further improve their security posture by
honoring best practices and adhering to SDLCs.

Every best practice and SDLC I've seen includes NX-Stack, NX-Heaps,
PIE, FORTIFY_SOURCES, GOT Hardening, PLT Hardening, and friends.

The alternative is also a win-win. Not only does it address the gaps
created by GCC, it also allows advanced analysis on the binaries.
Static and dynamic analysis is also part of best practices and SDLCs.

Jeff



More information about the asterisk-users mailing list