I'm porting a huge library to WebAssembly. Most of it is written in a domain-specific language that compiles to C, and a few subsystems are C++. Emscripten provides the classic C string functions, such as strcpy(), strcat(), and so on, but I would prefer to use functions with more checking. On Windows, I use the strcpy_s() family, at customer insistence. On Linux and macOS, I use the *builtin_*strcpy_chk() family, which were created as part of the FORTIFY project. Emcc does not complain about calls to *builtin_*strcpy_chk( ), but that creates a call to _strcpy_chk(), which wasm-ld can't find. Does Emscripten support FORTIFY? Adding -D_FORTIFY_SOURCE=2, which is the usual invocation, doesn't seem to make any difference. Are there other more-secure string functions I should be using?
Thanks in advance, John -- You received this message because you are subscribed to the Google Groups "emscripten-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/emscripten-discuss/CAH1xqgm3JhSgOYU6EtVMU-WyvdT%3Dxcpq44PvU1dC9%3Dxh6G%3Dw9w%40mail.gmail.com.
