Description
In the latest version of rive-android (tested on version 10.3.0), the bundled shared native library libc++_shared.so is missing stack canary protection. This leaves the library's native code exposed to stack smashing (stack-based buffer overflow) attacks.
Repro
- Add rive-android version 10.3.0 (or earlier) to your project.
- Build the .apk file.
- Decompile the APK using JADX.
- Locate libc++_shared.so in one of the following paths:
  - lib/arm64-v8a/libc++_shared.so
  - lib/armeabi-v7a/libc++_shared.so
  - lib/x86/libc++_shared.so
  - lib/x86_64/libc++_shared.so
- Run checksec on the .so file:
  ./checksec.bash --file=lib/arm64-v8a/libc++_shared.so
- Observe that no stack canary is present (No canary found):
  RELRO        STACK CANARY      NX  PIE  RPATH  RUNPATH  Symbols  FORTIFY  Fortified  Fortifiable  FILE
  Full RELRO   No canary found
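The "STACK CANARY" column above is derived from the binary's symbol table: code compiled with any -fstack-protector variant calls __stack_chk_fail when a canary check fails, so a library that never references that symbol carries no canaries. The following added example (not part of this issue or of the rive-android project) reproduces that check with a small ELF32/ELF64 parser, so the same verification can be scripted over every ABI directory in the APK without depending on readelf. The build_test_elf helper constructs a synthetic ELF so the parser can be exercised offline; the symbol names and the section layout it emits are assumptions of this example, not values taken from libc++_shared.so.

```python
"""Check whether an ELF shared object references the stack-protector runtime.

A binary built with -fstack-protector* imports __stack_chk_fail (and on some
targets __stack_chk_guard).  Absence of both is what checksec reports as
"No canary found".  Little-endian ELF32 and ELF64 are handled, which covers
the arm64-v8a, armeabi-v7a, x86 and x86_64 ABIs.
"""
import struct

SHT_SYMTAB = 2
SHT_STRTAB = 3
SHT_DYNSYM = 11
CANARY_SYMBOLS = {b"__stack_chk_fail", b"__stack_chk_guard"}


def _section_headers(data):
    """Return a list of (is64, type, offset, size, link, entsize) per section."""
    if data[:4] != b"\x7fELF" or data[5] != 1:      # magic + EI_DATA == little-endian
        raise ValueError("not a little-endian ELF file")
    is64 = data[4] == 2                              # EI_CLASS: 1 = ELF32, 2 = ELF64
    if is64:
        (shoff,) = struct.unpack_from("<Q", data, 0x28)
        shentsize, shnum = struct.unpack_from("<HH", data, 0x3A)
        fmt = "<IIQQQQIIQQ"                          # Elf64_Shdr
    else:
        (shoff,) = struct.unpack_from("<I", data, 0x20)
        shentsize, shnum = struct.unpack_from("<HH", data, 0x2E)
        fmt = "<IIIIIIIIII"                          # Elf32_Shdr
    out = []
    for i in range(shnum):
        # name, type, flags, addr, offset, size, link, info, addralign, entsize
        f = struct.unpack_from(fmt, data, shoff + i * shentsize)
        out.append((is64, f[1], f[4], f[5], f[6], f[9]))
    return out


def symbol_names(data):
    """Collect every name from .symtab and .dynsym (what `readelf -s` lists)."""
    headers = _section_headers(data)
    names = []
    for is64, stype, off, size, link, entsize in headers:
        if stype not in (SHT_SYMTAB, SHT_DYNSYM):
            continue
        _, _, str_off, str_size, _, _ = headers[link]   # sh_link -> string table
        strtab = data[str_off:str_off + str_size]
        fmt = "<IBBHQQ" if is64 else "<IIIBBH"           # Elf64_Sym / Elf32_Sym
        entsize = entsize or struct.calcsize(fmt)
        for i in range(size // entsize):
            name_off = struct.unpack_from(fmt, data, off + i * entsize)[0]
            names.append(strtab[name_off:strtab.index(b"\0", name_off)])
    return names


def has_stack_canary(data):
    """True if the binary references the stack-protector runtime symbols."""
    return bool(CANARY_SYMBOLS & set(symbol_names(data)))


def build_test_elf(names):
    """Constructed sample: minimal ELF64 (AArch64, ET_DYN) whose .dynsym imports `names`."""
    dynstr = b"\0" + b"".join(n + b"\0" for n in names)
    dynsym, name_off = b"\0" * 24, 1                     # mandatory null symbol first
    for n in names:                                      # STB_GLOBAL|STT_FUNC, SHN_UNDEF
        dynsym += struct.pack("<IBBHQQ", name_off, 0x12, 0, 0, 0, 0)
        name_off += len(n) + 1
    shstrtab = b"\0.dynsym\0.dynstr\0.shstrtab\0"
    off_dynsym = 64
    off_dynstr = off_dynsym + len(dynsym)
    off_shstr = off_dynstr + len(dynstr)
    shoff = off_shstr + len(shstrtab)

    def shdr(name, stype, off, size, link, entsize):
        return struct.pack("<IIQQQQIIQQ", name, stype, 0, 0, off, size, link, 0, 1, entsize)

    shdrs = (shdr(0, 0, 0, 0, 0, 0)
             + shdr(1, SHT_DYNSYM, off_dynsym, len(dynsym), 2, 24)
             + shdr(9, SHT_STRTAB, off_dynstr, len(dynstr), 0, 0)
             + shdr(17, SHT_STRTAB, off_shstr, len(shstrtab), 0, 0))
    ehdr = (b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\0" * 8
            + struct.pack("<HHIQQQIHHHHHH", 3, 0xB7, 1, 0, 0, shoff, 0, 64, 0, 0, 64, 4, 3))
    return ehdr + dynsym + dynstr + shstrtab + shdrs


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:                             # e.g. lib/arm64-v8a/libc++_shared.so
        with open(path, "rb") as fh:
            verdict = "Canary found" if has_stack_canary(fh.read()) else "No canary found"
        print(f"{path}: {verdict}")
```

Run it as `python3 canary_check.py lib/*/libc++_shared.so` from the decompiled APK root to get one verdict per ABI. A binary that passes this check still only has canaries in the functions the compiler chose to instrument (all of them under -fstack-protector-all, a subset under -fstack-protector-strong), and a library built with canaries but stripped of its symbol table keeps the dynamic import of __stack_chk_fail, so the heuristic remains valid after stripping.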
Expected behavior
The native library should be compiled with stack canary protection to mitigate stack smashing attacks.
Recommended compiler flag: -fstack-protector-all
Device & Versions
- Device: any Android device
- SDK Level: any SDK version
- Rive version: (app.rive:rive-android:10.3.0) or older
Additional context
Enabling this protection would improve the overall security of every Android application that depends on rive-android, by detecting stack-based buffer overflows in native code before a corrupted return address can be used.