Chromium Embedded Framework Forum

[akjana]

Hi

It looks like /GS (Buffer Security Check) flag is turned for CEF builds. Is there a specific reason why its turned off ?
Its a potential security issue found using static analysis tool BinScope.

Thanks

[magreenblatt]

Turned off where? For what builds?

[akjana]

I was testing the Cef binaries from 11/27/2016 - CEF 3.2785.1486.g8c4ba9f / Chromium 53.0.2785.116

The static analysis tool only says that the Flag is turned off for libcef.dll

Searching the chromium code base, I found this entry in Skia which turns off the flag.
[ur]https://cs.chromium.org/chromium/src/third_party/skia/gn/BUILD.gn?q=/GS-+package:%5Echromium$&dr=C&l=410[url]

Did not find such an entry in the cef code though on a basic search. Any idea if cef turns off this flag as well ?

And regarding the instance where Skia disables the compiler flag pardon if its an question beyond the scope of discussion for this forum, any thoughts/ideas why its done?
Disabling /Gs flag raises the concern that Buffer Overrun exploits could be possible, where should I pursue a fix for Skia ? Would this be a chromium bug report, I guess not.

[akjana]

Any comments/thoughts

[magreenblatt]

As you say, there is nothing in Chromium or CEF that explicitly disables this flag. Here's the commit that turned it off for Skia: https://skia.googlesource.com/skia.git/ ... d86c0ad819

[akjana]

Thanks magreenblatt for the commit Id, i'll discuss this in Chromium Forum then.