|
On 12/6/22 10:08, Richard W.M. Jones
wrote:
On Tue, Dec 06, 2022 at 08:59:03AM +0000, Richard W.M. Jones wrote:I don't believe the proposal is that everyone *has* to use this (or at least, I hope not). Even existing _FORTIFY_SOURCE=2 is optional. I'd like to know what the problems are that affect systemd however.It's mentioned in this document: https://developers.redhat.com/articles/2022/09/17/gccs-new-fortification-level#2__better_fortification_coverage _FORTIFY_SOURCE=3 revealed another pattern. Applications such as systemd used malloc_usable_size to determine available space in objects and then used the residual space. The glibc manual discourages this type of usage, dictating that malloc_usable_size is for diagnostic purposes only. But applications use the function as a hack to avoid reallocating buffers when there is space in the underlying malloc chunk. The implementation of malloc_usable_size needs to be fixed to return the allocated object size instead of the chunk size in non-diagnostic use. Alternatively, another solution is to deprecate the function. But that is a topic for discussion by the glibc community. Rich. Thanks for sharing. I missed that one. Jarek |
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
