If I understand aright, the concern here is that if one finds some form of way to corrupt memory, then one could use that to corrupt memory in the program to cause the program to jump to some other code used in a coroutine in much the same way that a buffer overflow in code modifying a variable stored on the stack could permit an attacker one to overwrite a return address on a stack to jump to arbitrary code.
It seems like the more interesting thing is bypassing CFI protections by abusing coroutines to jump around instead of inserting jumps to other functions.
threaded - newest
This is a C++20 feature so most software probably aren’t using this yet.
It’s good to catch this relatively early. Crossing fingers so that compilers can fix it without breaking compatibility.
It is pretty sad that a feature that was introduced into C++ five years ago would not be widely used yet, but that also would not surprise me.
The same holds true for C++20’s modules, which are really cool! Except you can’t really use them because compilers don’t fully support them yet.
If I understand aright, the concern here is that if one finds some form of way to corrupt memory, then one could use that to corrupt memory in the program to cause the program to jump to some other code used in a coroutine in much the same way that a buffer overflow in code modifying a variable stored on the stack could permit an attacker one to overwrite a return address on a stack to jump to arbitrary code.
It seems like the more interesting thing is bypassing CFI protections by abusing coroutines to jump around instead of inserting jumps to other functions.