diff --git a/src/doc/rustc/src/exploit-mitigations.md b/src/doc/rustc/src/exploit-mitigations.md index f8bafe032140c..c80d7d8743cd9 100644 --- a/src/doc/rustc/src/exploit-mitigations.md +++ b/src/doc/rustc/src/exploit-mitigations.md @@ -54,17 +54,17 @@ Summary of exploit mitigations supported by the Rust compiler when building programs for the Linux operating system on the AMD64 architecture and equivalent. -| Exploit mitigation | Supported and enabled by default | Since | -| - | - | - | -| Position-independent executable | Yes | 0.12.0 (2014-10-09) | -| Integer overflow checks | Yes (enabled when debug assertions are enabled, and disabled when debug assertions are disabled) | 1.1.0 (2015-06-25) | -| Non-executable memory regions | Yes | 1.8.0 (2016-04-14) | -| Stack clashing protection | Yes | 1.20.0 (2017-08-31) | -| Read-only relocations and immediate binding | Yes | 1.21.0 (2017-10-12) | -| Heap corruption protection | Yes | 1.32.0 (2019-01-17) (via operating system default or specified allocator) | -| Stack smashing protection | Yes | Nightly | -| Forward-edge control flow protection | Yes | Nightly | -| Backward-edge control flow protection (e.g., shadow and safe stack) | Yes | Nightly | +| Exploit mitigation | Supported | Enabled by default | Since | +| - | - | - | - | +| Position-independent executable | Yes | Yes | 0.12.0 (2014-10-09) | +| Integer overflow checks | Yes | (enabled when debug assertions are enabled, and disabled when debug assertions are disabled) | 1.1.0 (2015-06-25) | +| Non-executable memory regions | Yes | Yes | 1.8.0 (2016-04-14) | +| Stack clashing protection | Yes | Yes | 1.20.0 (2017-08-31) | +| Read-only relocations and immediate binding | Yes | Yes | 1.21.0 (2017-10-12) | +| Heap corruption protection | Yes | Yes | 1.32.0 (2019-01-17) (via operating system default or specified allocator) | +| Stack smashing protection | Yes | No, `-Z stack-protector` | Nightly | +| Forward-edge control flow protection | Yes | No, `-Z sanitizer=cfi` | Nightly | +| Backward-edge control flow protection (e.g., shadow and safe stack) | Yes | No, `-Z sanitizer=shadow-call-stack,safestack` | Nightly | [^all-targets]: See for a list of targets and their default options.