This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH] Linux: Add fortify wrapper for getdents64


* Wilco Dijkstra:

> Do we really need to add to this broken feature? The fortify feature should have
> been retired decades ago, it's not useful or secure at all.
>
> If we actually want to detect buffer overflows the correct approach is to add
> runtime checks in GCC as that's the place where you have the right info about
> variables and array sizes. The current implementation is completely broken
> in that it doesn't do buffer overflow checks even in the most trivial cases, and
> fails to inline or optimize checks. It just adds duplicate entry points which are
> inefficient and are mostly unused... (and you get people adding ifuncs for these
> functions just for fun)

I don't understand this.  Why do you think it does not work?  The check
is based on GCC, and GCC passing its analysis results to glibc, so that
GCC does not know which arguments are buffer pointers and their sizes,
and that the actual check does not have to be inlined in the caller.

Do you assume that everyone builds their applications with clang?
That's not remotely true.  GCC is still the system compiler for us.

Thanks,
Florian
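
The reply above describes a split in which the compiler supplies the size of the destination object and the library performs the check out of line. The following is an added illustration of that pattern, not code from glibc or from the patch under discussion; `demo_fill`, `demo_fill_chk`, `demo_fill_raw` and `fill_local` are hypothetical names, and the check returns -1 where glibc's fortified functions terminate the process.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a call that writes up to len bytes into buf. */
static long demo_fill_raw(void *buf, size_t len)
{
    memset(buf, 0xAB, len);
    return (long)len;
}

/* Out-of-line checked entry point. objsize is what the compiler knew about
   the destination, or (size_t)-1 when it knew nothing. This sketch returns
   -1 on a failed check so the result can be observed. */
long demo_fill_chk(void *buf, size_t len, size_t objsize)
{
    if (objsize != (size_t)-1 && len > objsize)
        return -1;                  /* would overflow: refuse before writing */
    return demo_fill_raw(buf, len); /* size unknown or large enough */
}

/* Caller-side wrapper: expands where the buffer's declaration is visible,
   so the compiler can hand its size to the out-of-line check. */
#define demo_fill(buf, len) \
    demo_fill_chk((buf), (len), __builtin_object_size((buf), 0))

/* The length is a run-time value; the buffer size is a compile-time fact. */
long fill_local(size_t len)
{
    char entries[64];
    return demo_fill(entries, len);
}

int main(void)
{
    char small[16];

    printf("fits:      %ld\n", fill_local(32));
    /* Explicit size, as the compiler would pass it for a 16-byte array. */
    printf("too large: %ld\n", demo_fill_chk(small, 17, sizeof small));
    /* Unknown size: the check cannot fire and the call goes through. */
    printf("unknown:   %ld\n", demo_fill_chk(small, 8, (size_t)-1));
    return 0;
}
```

When the compiler cannot determine the object size it passes `(size_t)-1`, so a call with an oversized length goes through unchecked.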

