This patch adds a cross-reference to GNU libc and _FORTIFY_SOURCE (which
needs to be documented there) and mentions the optimization level
requirements.
Okay for trunk?
2012-06-04 Florian Weimer <fwei...@redhat.com>
* doc/extend.texi (Object Size Checking): Mention
_FORTIFY_SOURCE, add caveat.
--
Florian Weimer / Red Hat Product Security Team
Index: gcc/doc/extend.texi
===================================================================
--- gcc/doc/extend.texi (revision 187951)
+++ gcc/doc/extend.texi (working copy)
@@ -7376,8 +7376,15 @@
@findex __builtin___vfprintf_chk
GCC implements a limited buffer overflow protection mechanism
-that can prevent some buffer overflow attacks.
+that can prevent some buffer overflow attacks. GNU libc uses it
+in the implementation of the @code{_FORTIFY_SOURCE} functionality.
+This protection mechanism is only a last resort. As a programmer, you
+must not rely on its presence, but use explicit buffer length checks
+to avoid buffer overflows. GCC may not be able to determine buffer
+sizes accurately, and the accuracy depends on compiler version and
+optimization level (currently, at least @option{-O2} is required).
+
@deftypefn {Built-in Function} {size_t} __builtin_object_size (void * @var{ptr}, int @var{type})
is a built-in construct that returns a constant number of bytes from
@var{ptr} to the end of the object @var{ptr} pointer points to
