Hi, It might be a good time to update the _FORTIFY_SOURCE bit in the f_t_m(7) manpage. Specifically: We currently have it stuck at level 2. Since level 3 is now a thing in gcc and clang with the introduction of __builtin_dynamic_object_size, we should add it. The language should be similar to the level 2 description, with the difference that level 3 is able to evalulate dynamic sizes. There are two articles from Redhat about this new level: one from when only clang had it[1], and the other from when gcc added it too.[2]. [1]: https://developers.redhat.com/blog/2021/04/16/broadening-compiler-checks-for-buffer-overflows-in-_fortify_source#in_the_very_long_term__everything_is_dynamic [2]: https://developers.redhat.com/articles/2022/09/17/gccs-new-fortification-level The other point relates to clang, in that we should mention that it has it too since svn revision 55735 (2008). I will take some time to track down the released version number. We also need to mention when gcc and clang added the level 3 stuff. I plan to send a patch on this stuff, but do be warned my man(7) and git send-email are very rusty. Regards, Mingye Wang (Artoria2e5)
