> On 13 Oct 2022, at 19:50, Alejandro Colomar <alx.manpages@xxxxxxxxx> wrote:
>
> Hi Sam,
>
> On 10/13/22 20:31, Sam James wrote:
>> Reference: https://developers.redhat.com/blog/2021/04/16/broadening-compiler-checks-for-buffer-overflows-in-_fortify_source
>> Reference: https://developers.redhat.com/articles/2022/09/17/gccs-new-fortification-level
>> Signed-off-by: Sam James <sam@xxxxxxxxxx>
>> ---
>> man7/feature_test_macros.7 | 11 +++++++++++
>> 1 file changed, 11 insertions(+)
>> diff --git a/man7/feature_test_macros.7 b/man7/feature_test_macros.7 >> index d33041001..e62185745 100644 >> --- a/man7/feature_test_macros.7 >> +++ b/man7/feature_test_macros.7
>> @@ -643,9 +643,20 @@ and result in compiler warnings; >> other checks take place at run time, >> and result in a run-time error if the check fails. >> .IP >> +With >> +.B _FORTIFY_SOURCE >> +set to 3, additional checking is added to capture some function
>
> What do you mean by "capture"?
>

Maybe "capture" is not the best word. Maybe hooked / intercepted is better?

F_S=3 lets cases where, say, malloc size is based on a variable still get detected, because the compiler recognises such cases and adds scaffolding in to hook the functions. (The malloc example at https://developers.redhat.com/articles/2022/09/17/gccs-new-fortification-level#1__a_new_builtin_provides_enhanced_buffer_size_detection is what I'm referring to).

To be clear though: the semantics are similar to FORTIFY_SOURCE=2, it's just that FORTIFY_SOURCE=3 uses an extra bit of information (__builtin_dynamic_object_size) to hook more cases. So whatever word works for FORTIFY_SOURCE < 3 works for 3 too.

I'm definitely feeling like "capture" is not the best word but I'm struggling for the right one.

--

Additional question: there are actually some confusing constraints about when we can use F_S=3. It needs GCC 12 or Clang 9 as a compiler, and >= glibc-2.34. musl does not, at this time, support any built-in fortification. I don't know if we should mention that part.

> Cheers,
>
> Alex

Best,
sam
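Review bot: In the last added line, "additional checking is added to capture some function", the verb "capture" does not say what level 3 does with the call. The context lines directly above already describe checks that "take place at run time, and result in a run-time error if the check fails", so reusing that vocabulary ("check", "detect") would keep the paragraph consistent. The hunk header announces 11 added lines but only three are visible here, so the rest of the sentence cannot be reviewed; if the remaining lines do not state the compiler and glibc versions that level 3 requires (raised in the reply above), that belongs in this paragraph as well.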
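The difference the reply describes, as an added C example that is not part of the original thread or of glibc: it asks `__builtin_object_size` (the information levels 1 and 2 work from) and `__builtin_dynamic_object_size` (level 3) about a `malloc` whose size is a run-time value. `probe_alloc`, `fortify_would_abort`, `DYN_SIZE` and `UNKNOWN` are hypothetical names, and the abort decision is a simplified model of a fortified wrapper.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

#define UNKNOWN ((size_t)-1)   /* what both builtins return for "no idea" */

/* __builtin_dynamic_object_size: GCC 12+ / Clang 9+. Older compilers
   fall back to UNKNOWN so the file still builds. */
#if defined(__has_builtin)
# if __has_builtin(__builtin_dynamic_object_size)
#  define DYN_SIZE(p) __builtin_dynamic_object_size((p), 0)
# endif
#endif
#ifndef DYN_SIZE
# define DYN_SIZE(p) UNKNOWN
#endif

struct probe { size_t level2, level3; };   /* hypothetical names */

/* Ask both builtins about a buffer whose size is a run-time value. */
struct probe probe_alloc(size_t n)
{
    struct probe r = { UNKNOWN, UNKNOWN };
    char *buf = malloc(n);
    if (buf != NULL) {
        r.level2 = __builtin_object_size(buf, 0); /* constant or UNKNOWN */
        r.level3 = DYN_SIZE(buf);                 /* may be an expression in n */
        free(buf);
    }
    return r;
}

/* Simplified model of a fortified wrapper's decision: an unknown
   destination size means the call goes through unchecked. */
int fortify_would_abort(size_t dst_size, size_t copy_len)
{
    return dst_size != UNKNOWN && copy_len > dst_size;
}

int main(int argc, char **argv)
{
    size_t n = argc > 1 ? strtoul(argv[1], NULL, 10) : 16;
    struct probe r = probe_alloc(n);
    printf("malloc(%zu): level2=%zu level3=%zu (%zu = unknown)\n",
           n, r.level2, r.level3, UNKNOWN);
    printf("copy of %zu bytes aborts: level2=%d level3=%d\n", n + 1,
           fortify_would_abort(r.level2, n + 1),
           fortify_would_abort(r.level3, n + 1));
    return 0;
}
```

Build with optimisation enabled (for example `-O2`); without it the compiler does not track object sizes and both builtins report unknown.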