mirror of https://github.com/mkerrisk/man-pages
feature_test_macros.7: Update discussion of _FORTIFY_SOURCE
Since the initial implementation, a lot more checks were added. Describing all the checks would be too verbose (and would soon fall out of date as more checks are added). So instead, describe the kinds of checks that are done more generally. Also a few other minor edits to the text.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
parent 0c12fe8f51
commit 29ca3cb0bb
|
@ -448,14 +448,8 @@ provided for compatibility with some other implementations.
|
|||
.\" * Date: Tue, 21 Sep 2004 04:16:40 -0400
|
||||
Defining this macro causes some lightweight checks to be performed
|
||||
to detect some buffer overflow errors when employing
|
||||
various string and memory manipulation functions.
|
||||
Not all buffer overflows are detected, just some common cases.
|
||||
|
||||
In the current implementation, checks are added for
|
||||
calls to
|
||||
various string and memory manipulation functions (for example,
|
||||
.BR memcpy (3),
|
||||
.BR mempcpy (3),
|
||||
.BR memmove (3),
|
||||
.BR memset (3),
|
||||
.BR stpcpy (3),
|
||||
.BR strcpy (3),
|
||||
|
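Review bot: The opening sentence ("to detect some buffer overflow errors when employing various string and memory manipulation functions") still scopes the macro to buffer overflows, while the same patch goes on to document an argument-consistency check for open(2), which is neither a buffer overflow nor a string or memory function. Consider broadening the lead, for instance by saying the checks detect "some buffer overflow and argument errors", so a reader who stops after the first sentence does not conclude that only the listed copy routines are covered.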
@ -466,8 +460,17 @@ calls to
|
|||
.BR snprintf (3),
|
||||
.BR vsprintf (3),
|
||||
.BR vsnprintf (3),
|
||||
and
|
||||
.BR gets (3).
|
||||
.BR gets (3),
|
||||
and wide character variants thereof).
|
||||
For some functions, argument consistency is checked;
|
||||
for example, a check is made that
|
||||
.BR open (2)
|
||||
has been supplied with a
|
||||
.I mode
|
||||
argument when the specified flags include
|
||||
.BR O_CREAT .
|
||||
Not all problems are detected, just some common cases.
|
||||
.\" Look for __USE_FORTIFY_LEVEL in the header files
|
||||
|
||||
If
|
||||
.B _FORTIFY_SOURCE
|
||||
|
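Review bot: The list ending reads awkwardly once the new lines are in place: the existing "and" line before gets(3) appears to be kept, so the text becomes "and gets(3), and wide character variants thereof)", with two conjunctions in a row. Drop the first "and" so that gets(3) is an ordinary list item, and hyphenate the attributive compound as "wide-character variants". The closing sentence "Not all problems are detected, just some common cases." is worth keeping as is, since it tells readers not to treat the macro as a complete defense.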
@ -477,7 +480,7 @@ and above, checks that shouldn't change the behavior of
|
|||
conforming programs are performed.
|
||||
With
|
||||
.B _FORTIFY_SOURCE
|
||||
set to 2 some more checking is added, but
|
||||
set to 2, some more checking is added, but
|
||||
some conforming programs might fail.
|
||||
.\" For example, given the following code
|
||||
.\" int d;
|
||||
|
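Review bot: The sentence "some more checking is added, but some conforming programs might fail" remains the only rendered statement about level 2, and the one concrete illustration (the block starting `.\" For example, given the following code`) is still inside roff comments, so it never reaches the formatted page. Since this hunk already touches the sentence, consider either uncommenting that example or adding a short clause naming the kind of construct that trips the stricter checks, so users can judge whether level 2 is safe for their code.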
@ -491,7 +494,9 @@ some conforming programs might fail.
|
|||
.\" *** %n in writable segment detected ***
|
||||
.\" Aborted (core dumped)
|
||||
.\"
|
||||
Some of the checks can be performed at compile time,
|
||||
|
||||
Some of the checks can be performed at compile time
|
||||
(via macros logic implemented in header files),
|
||||
and result in compiler warnings;
|
||||
other checks take place at run time,
|
||||
and result in a run-time error if the check fails.
|
||||
|
|
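Review bot: In the added line "(via macros logic implemented in header files)", "macros logic" should be "macro logic"; the noun used attributively takes the singular. It would also help to say in this paragraph that the compile-time checks depend on the compiler knowing the size of the destination object, if that is the intent of "macro logic implemented in header files", because that is what determines whether a given call gets a warning, a run-time check, or no check at all.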