Hi Mingye, On 3/20/23 09:15, Mingye Wang wrote: > Hi, > > It might be a good time to update the _FORTIFY_SOURCE bit in the > f_t_m(7) manpage. Specifically: > > We currently have it stuck at level 2. Since level 3 is now a thing in > gcc and clang with the introduction of __builtin_dynamic_object_size, > we should add it. The language should be similar to the level 2 > description, with the difference that level 3 is able to evalulate > dynamic sizes. There are two articles from Redhat about this new > level: one from when only clang had it[1], and the other from when gcc > added it too.[2]. > [1]: https://developers.redhat.com/blog/2021/04/16/broadening-compiler-checks-for-buffer-overflows-in-_fortify_source#in_the_very_long_term__everything_is_dynamic > [2]: https://developers.redhat.com/articles/2022/09/17/gccs-new-fortification-level > > The other point relates to clang, in that we should mention that it > has it too since svn revision 55735 (2008). I will take some time to > track down the released version number. We also need to mention when > gcc and clang added the level 3 stuff. > > I plan to send a patch on this stuff, but do be warned my man(7) and > git send-email are very rusty. Thanks! No problem about that. Please CC some GCC or Clang mailing list and related developers when you send your patch. Cheers, Alex > > Regards, > Mingye Wang (Artoria2e5) -- <http://www.alejandro-colomar.es/> GPG key fingerprint: A9348594CE31283A826FBDD8D57633D441E25BB5
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
