https://sourceware.org/bugzilla/show_bug.cgi?id=29072
--- Comment #3 from Rui Ueyama <rui314 at gmail dot com> --- Right. Unless you know the default behavior of GNU ld, it is very hard to foresee that adding a benign assembler file to your project could make it significantly vulnerable to the traditional stack overflow attack. It can be used for the supply chain attack. If you can sneak in an assembly file, the last thing to create a remote vulnerability is to find a buffer overflow bug. -- You are receiving this mail because: You are on the CC list for the bug.
