Fortify_source

Robert Connolly Thu, 03 Aug 2006 18:52:47 -0700

Hi. It looks like  -D_FORTIFY_SOURCE requires optimizations for it to work:


----

$ cat fortify-test.c
#include <string.h>
main()
{
char buf[2];
strcpy(buf,"12345");
}

$ gcc -o fortify-test fortify-test.c
$ ./fortify-test
Segmentation fault

$ gcc -o fortify-test fortify-test.c -D_FORTIFY_SOURCE=2
$ ./fortify-test
Segmentation fault

$ gcc -o fortify-test fortify-test.c -D_FORTIFY_SOURCE=2 -O
fortify-test.c: In function 'main':
fortify-test.c:5: warning: call to __builtin___strcpy_chk will always overflow 
destination buffer
$ ./fortify-test
*** buffer overflow detected ***: ./fortify-test terminated
Aborted

$ gcc -o fortify-test fortify-test.c -D_FORTIFY_SOURCE=2 -O99
fortify-test.c: In function 'main':
fortify-test.c:5: warning: call to __builtin___strcpy_chk will always overflow 
destination buffer
$ ./fortify-test
*** buffer overflow detected ***: ./fortify-test terminated
Aborted

----

robert

pgpwlOGumaLOR.pgp
Description: PGP signature

-- 
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page

Fortify_source

Reply via email to