This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Re: binutils and _FORTIFY_SOURCE
On Mon, Nov 21, 2005 at 08:36:46AM +1030, Alan Modra wrote:
> On Sun, Nov 20, 2005 at 09:46:44AM -0800, Anthony Green wrote:
> > typedef struct
> > {
> > char foo[4];
> > int bar;
> > } mystruct;
> >
> > we see code kind of like...
> >
> > mystruct s;
> > strcpy (s.foo, "1234"); /* buffer overflow here */
> > s.bar = 5; /* but it doesn't really matter */
> >
> > Has anybody looked into this before?
> > Will you accept patches to remove false _FORTIFY_SOURCE errors?
>
> Yes. The above really ought to be using memcpy.
Didn't someone (Jakub?) try and fail to fix ar once already?
Not that I'd complain if someone succeeded!
--
Daniel Jacobowitz
CodeSourcery, LLC