Moved from: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105043

I would like to see documentation of the feature, as well as what each level (1-3) enables. If it's documented in glibc, then please provide a link to the feature. And I would add a caveat about the usage of malloc_usable_size.
It is documented briefly in manual/creature.texi:

@defvr Macro _FORTIFY_SOURCE
@standards{GNU, (none)}
If this macro is defined to @math{1}, security hardening is added to
various library functions. If defined to @math{2}, even stricter
checks are applied. If defined to @math{3}, @theglibc{} may also use
checks that may have an additional performance overhead.
@end defvr

But there is no further explanation of exactly what each level enables, the functions covered, and how it plays with the compiler.
@Siddhesh: May I please remind you of this issue?
Do we need documentation beyond the stuff above, which appears to describe the interface in sufficient detail? Anything more seems like implementation detail.
Ok, so can you please adapt the documentation entry to the GCC compiler. The macro is already mentioned in the manual page, so it would be nice having that explained. Thanks.
I too am looking for documentation on this feature. More specifically, what is the action of the program when the check fails? Does it act like a failed assert() and call abort()? Is there a way to catch the exception like one would catch SIGSEGV using a signal handler? Thanks.
(In reply to Byron Stanoszek from comment #5)
> I too am looking for documentation on this feature. More specifically, what
> is the action of the program when the check fails?

abort is called.

> Does it act like a failed
> assert() and call abort()? Is there a way to catch the exception like one
> would catch SIGSEGV using a signal handler?

Likely not, Siddhesh, please correct me if I'm wrong.

> Thanks.

Anyway, the documentation should be really improved and taken to GCC compiler as well.
(In reply to Martin Liska from comment #6)
> > Does it act like a failed
> > assert() and call abort()? Is there a way to catch the exception like one
> > would catch SIGSEGV using a signal handler?
>
> Likely not, Siddhesh, please correct me if I'm wrong.

You could trap SIGABRT if you really really want to, but that's not a recommendation.

> > Thanks.
>
> Anyway, the documentation should be really improved and taken to GCC
> compiler as well.

I'm going to try writing something up for the glibc manual and gcc documentation.
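Added example, not part of the bug thread or of the glibc sources: a parent process observing how a failed fortify check ends a child, with and without a SIGABRT handler installed. It assumes Linux with glibc and calls glibc's `__memcpy_chk` directly so the check fires at any optimization level (normally the compiler emits that call when `_FORTIFY_SOURCE` is defined); `fortify_failure_status` and `on_abort` are hypothetical names.

```c
#include <signal.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* glibc's runtime check behind a fortified memcpy, declared by hand here
   (assumption: glibc; the compiler normally inserts this call itself). */
extern void *__memcpy_chk(void *dst, const void *src, size_t len, size_t dstlen);

static int note_fd = -1;

/* Handler that returns: it only records that it was entered. */
static void on_abort(int sig) {
    (void)sig;
    if (write(note_fd, "A", 1) < 0) { /* nothing useful to do here */ }
}

/* Fork a child that fails a fortify check. Returns the raw wait status and
   sets *handler_ran to 1 if the child's SIGABRT handler was entered. */
int fortify_failure_status(int install_handler, int *handler_ran) {
    int fds[2], status = -1;
    char c;
    *handler_ran = 0;
    if (pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        struct rlimit no_core = {0, 0};
        char dst[8];
        static const char src[16] = "0123456789abcde"; /* constructed input */
        volatile size_t len = sizeof src;              /* 16 > sizeof dst */
        close(fds[0]);
        note_fd = fds[1];
        setrlimit(RLIMIT_CORE, &no_core);              /* no core file */
        if (install_handler) signal(SIGABRT, on_abort);
        __memcpy_chk(dst, src, len, sizeof dst);       /* fails before copying */
        _exit(0);                                      /* not reached */
    }
    close(fds[1]);
    if (read(fds[0], &c, 1) == 1) *handler_ran = 1;    /* EOF if no handler */
    close(fds[0]);
    if (waitpid(pid, &status, 0) != pid) return -1;
    return status;
}

int main(void) {
    int ran, st = fortify_failure_status(1, &ran);
    return (WIFSIGNALED(st) && WTERMSIG(st) == SIGABRT && ran) ? 0 : 1;
}
```

In both cases the parent sees termination by SIGABRT: a handler that returns is entered once, after which abort() restores the default action and the process still dies.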
The master branch has been updated by Siddhesh Poyarekar <siddhesh@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3d3a2911ba65e613eac878d8eb02a0aba4ad7651

commit 3d3a2911ba65e613eac878d8eb02a0aba4ad7651
Author: Siddhesh Poyarekar <siddhesh@sourceware.org>
Date: Tue Jan 10 10:22:38 2023 -0500

    Add _FORTIFY_SOURCE implementation documentation [BZ #28998]

    There have been multiple requests to provide more detail on how the
    _FORTIFY_SOURCE macro works, so this patch adds a new node in the
    Library Maintenance section that does this. A lot of the description is
    implementation detail, which is why I put this in the appendix and not
    in the main documentation.

    Resolves: BZ #28998.

    Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
    Reviewed-by: Florian Weimer <fweimer@redhat.com>
Fixed on main branch, the gcc complement of _FORTIFY_SOURCE documentation change is here: https://gcc.gnu.org/g:b3009222b7bb26654c1e93d34e65e8f80ae20595