Thanks for the explanation! Better to use =2 then.
But Stack protector and FORTIFY can be active as compiler arguments at the same time, as I understand. Just the binary size will grow.
Thanks,

Reinoud.

On Wed, Mar 2, 2022, 12:23 PM Xi Ruoyao <xry111@xxxxxxxxxxxxxxxx> wrote:

> On Wed, 2022-03-02 at 12:05 -0800, Reinoud Koornstra wrote:
> > Hi Xi,
> >
> > Thanks for your reply.
> > Then what is the difference between -D_FORTIFY_SOURCE=1 and
> > -D_FORTIFY_SOURCE=2 exactly?
>
> -D_FORTIFY_SOURCE=1 uses __builtin_object_size(..., 0) as the buffer
> size, but -D_FORTIFY_SOURCE=2 uses __builtin_object_size(..., 1). Read
> https://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html for the
> details.
>
> One case is:
>
> struct frame
> {
>   int size;
>   char buf[0];
> };
>
> union
> {
>   struct frame f;
>   char padding[100 + sizeof(struct frame)];
> } u;
>
> u.f.size = strlen(s) + 1;
> strcpy(u.f.buf, s);
>
> -D_FORTIFY_SOURCE=2 will abort this, but -D_FORTIFY_SOURCE=1 won't.
> (Yes, I know "char buf[0]" should be changed to a flexible array member
> "char buf[]" to fix this, but it is just an example.)
> --
> Xi Ruoyao <xry111@xxxxxxxxxxxxxxxx>
> School of Aerospace Science and Technology, Xidian University
>
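The two object-size types named in the quoted reply, as an added example that is not part of the original thread. It goes beyond the union case by also using a fixed-size interior member, so the reported sizes do not depend on how a compiler treats trailing arrays; `struct record`, `copy_allowed` and the other function names are hypothetical, and `copy_allowed` only models the length comparison a fortified `strcpy` makes.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample type: a fixed-size field followed by more data. */
struct record {
    char name[8];
    char note[24];
};
static struct record rec;

/* The union from the quoted message, kept for the printout in main(). */
struct frame { int size; char buf[0]; };
static union {
    struct frame f;
    char padding[100 + sizeof(struct frame)];
} u;

/* Type 0: bytes from the pointer to the end of the whole object. */
size_t bound_type0(void) { return __builtin_object_size(rec.name, 0); }
/* Type 1: bytes to the end of the closest enclosing subobject. */
size_t bound_type1(void) { return __builtin_object_size(rec.name, 1); }

/* Hypothetical model of the fortified check: 1 = copy proceeds,
 * 0 = the checked function would abort the program. */
static int copy_allowed(size_t bound, const char *s)
{
    return strlen(s) + 1 <= bound;
}

int allowed_with_type0(const char *s) { return copy_allowed(bound_type0(), s); }
int allowed_with_type1(const char *s) { return copy_allowed(bound_type1(), s); }

int main(void)
{
    const char *s = "0123456789"; /* constructed input, 11 bytes with NUL */

    printf("rec.name bound: type 0 = %zu, type 1 = %zu\n",
           bound_type0(), bound_type1());
    printf("copy into rec.name: type 0 %s, type 1 %s\n",
           allowed_with_type0(s) ? "proceeds" : "aborts",
           allowed_with_type1(s) ? "proceeds" : "aborts");
    /* Sizes the compiler reports for the union case in the message. */
    printf("u.f.buf bound: type 0 = %zu, type 1 = %zu\n",
           (size_t)__builtin_object_size(u.f.buf, 0),
           (size_t)__builtin_object_size(u.f.buf, 1));
    return 0;
}
```

With the type 0 bound the 11-byte copy passes the check while overrunning `name` into `note`, which is the intra-object overflow that only the type 1 bound catches.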