> -DFORTIFY_SOURCE=2 I believe its -DFORTIFY_SOURCE=1 for Android. > support was to Clang in 4.4. I believe it was added in Android 5.2. I don't believe it depends on Clang.
Also see "Android 4.2 and FORTIFY_SOURCE", https://groups.google.com/d/msg/android-security-discuss/39oaPaWJX2I/2AqV5Q2wFvYJ. And "Jelly Bean 4.2", https://developer.android.com/about/versions/jelly-bean.html#android-42. Jeff On Tue, Sep 2, 2014 at 2:40 PM, Edith Kan <[email protected]> wrote: > Hello, > > So my understanding is that FORTIFY_SOURCE support was to Clang in 4.4. > > I tried to compile the following code (supplied by nnk in a separate > thread): > https://groups.google.com/forum/#!topic/android-security-discuss/39oaPaWJX2I > > 1: int main(int argc, char ** argv) { > 2: char buf[10]; > 3: memcpy(buf, "0123456789", sizeof(buf)); > 4: // The next line will segfault with Android's FORTIFY_SOURCE extensions > 5: size_t buf_len = strlen(buf); > 6: size_t argv0_len = strlen(argv[0]); > 7: printf("%d %d\n", buf_len, argv0_len); > 8: return 0; > 9: } > > Modified the Application.mk's LOCAL_CPPFLAGS and LOCAL_CFLAGS to include > -DFORTIFY_SOURCE=2. Then hit ndk-build.bat. > > When I perform a objdump of the symbol table for the compiled binary I don't > see any *_chk method. > > I tried to compile with clang3.4 and gcc. Same results. > > Am I missing smething here or is FORTIFY_SOURCE unsupported by NDK? > > Thanks in advance for any insight! -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/d/optout.
