Closed zdohnal closed 1 year ago
Let's see where CUPS 2.x issue 642 goes before we adopt this here.
Info about what level 3 does is here
FWIW, there is a cost of using this (both code size and execution time), which we should also look at.
"make test" times in the "cups" directory (so not the ippeveprinter tests) with level 2 on Ubuntu 22.04 LTS running in multipass on my M1 Max MacBook Pro:
real 2m12.010s
user 0m33.490s
sys 1m38.464s
real 2m12.199s
user 0m32.787s
sys 1m39.230s
real 2m12.827s
user 0m33.158s
sys 1m39.640s
Level 3, same system:
real 2m13.126s
user 0m33.086s
sys 1m39.852s
real 27m56.760s
user 0m32.334s
sys 1m39.600s
real 2m12.798s
user 0m32.338s
sys 1m40.285s
So it doesn't look like there is any measurable overhead for using level 3. (there is that one odd real time for the second level 3 run, but I know I didn't wait 27 minutes so ??? User and system times are pretty much the same across the board.
Sizes of the level 2 object files is 5198576 bytes:
-rw-rw-r-- 1 ubuntu ubuntu 26752 Mar 24 07:56 array.o
-rw-rw-r-- 1 ubuntu ubuntu 54056 Mar 24 07:56 auth.o
-rw-rw-r-- 1 ubuntu ubuntu 60632 Mar 24 07:56 debug.o
-rw-rw-r-- 1 ubuntu ubuntu 49912 Mar 24 07:56 dest-job.o
-rw-rw-r-- 1 ubuntu ubuntu 54528 Mar 24 07:56 dest-localization.o
-rw-rw-r-- 1 ubuntu ubuntu 121824 Mar 24 07:56 dest-options.o
-rw-rw-r-- 1 ubuntu ubuntu 151424 Mar 24 07:56 dest.o
-rw-rw-r-- 1 ubuntu ubuntu 14336 Mar 24 07:56 dir.o
-rw-rw-r-- 1 ubuntu ubuntu 71192 Mar 24 07:56 dnssd.o
-rw-rw-r-- 1 ubuntu ubuntu 59368 Mar 24 07:56 encode.o
-rw-rw-r-- 1 ubuntu ubuntu 73592 Mar 24 07:56 file.o
-rw-rw-r-- 1 ubuntu ubuntu 18400 Mar 24 07:56 form.o
-rw-rw-r-- 1 ubuntu ubuntu 51984 Mar 24 07:56 fuzzipp.o
-rw-rw-r-- 1 ubuntu ubuntu 34776 Mar 24 07:56 getputfile.o
-rw-rw-r-- 1 ubuntu ubuntu 46360 Mar 24 07:56 globals.o
-rw-rw-r-- 1 ubuntu ubuntu 15000 Mar 24 07:56 hash.o
-rw-rw-r-- 1 ubuntu ubuntu 49712 Mar 24 07:56 http-addr.o
-rw-rw-r-- 1 ubuntu ubuntu 53488 Mar 24 07:56 http-addrlist.o
-rw-rw-r-- 1 ubuntu ubuntu 98448 Mar 24 07:56 http-support.o
-rw-rw-r-- 1 ubuntu ubuntu 158568 Mar 24 07:56 http.o
-rw-rw-r-- 1 ubuntu ubuntu 91160 Mar 24 07:56 ipp-file.o
-rw-rw-r-- 1 ubuntu ubuntu 170032 Mar 24 07:56 ipp-support.o
-rw-rw-r-- 1 ubuntu ubuntu 57992 Dec 7 2021 ipp-vars.o
-rw-rw-r-- 1 ubuntu ubuntu 187496 Mar 24 07:56 ipp.o
-rw-rw-r-- 1 ubuntu ubuntu 44912 Mar 24 07:56 json.o
-rw-rw-r-- 1 ubuntu ubuntu 70408 Mar 24 07:56 langprintf.o
-rw-rw-r-- 1 ubuntu ubuntu 1699984 Mar 24 07:56 language.o
-rw-rw-r-- 1 ubuntu ubuntu 13456 Mar 24 07:56 md5.o
-rw-rw-r-- 1 ubuntu ubuntu 29848 Mar 24 07:56 notify.o
-rw-rw-r-- 1 ubuntu ubuntu 19432 Mar 24 07:56 options.o
-rw-rw-r-- 1 ubuntu ubuntu 101128 Mar 24 07:56 pwg-media.o
-rw-rw-r-- 1 ubuntu ubuntu 13128 Mar 24 07:56 rand.o
-rw-rw-r-- 1 ubuntu ubuntu 33680 Mar 24 07:56 raster-error.o
-rw-rw-r-- 1 ubuntu ubuntu 68176 Mar 24 07:56 raster-stream.o
-rw-rw-r-- 1 ubuntu ubuntu 25264 Dec 7 2021 raster-stubs.o
-rw-rw-r-- 1 ubuntu ubuntu 27000 Mar 24 07:56 rasterbench.o
-rw-rw-r-- 1 ubuntu ubuntu 81352 Mar 24 07:56 request.o
-rw-rw-r-- 1 ubuntu ubuntu 33864 Mar 24 07:56 string.o
-rw-rw-r-- 1 ubuntu ubuntu 10840 Mar 24 07:56 tempfile.o
-rw-rw-r-- 1 ubuntu ubuntu 36832 Mar 24 07:56 testarray.o
-rw-rw-r-- 1 ubuntu ubuntu 77160 Mar 24 07:56 testclient.o
-rw-rw-r-- 1 ubuntu ubuntu 26400 Mar 24 07:56 testcreds.o
-rw-rw-r-- 1 ubuntu ubuntu 75144 Mar 24 07:56 testcups.o
-rw-rw-r-- 1 ubuntu ubuntu 60008 Mar 24 07:56 testdest.o
-rw-rw-r-- 1 ubuntu ubuntu 37520 Mar 24 07:56 testdnssd.o
-rw-rw-r-- 1 ubuntu ubuntu 42304 Mar 24 07:56 testfile.o
-rw-rw-r-- 1 ubuntu ubuntu 25920 Mar 24 07:56 testform.o
-rw-rw-r-- 1 ubuntu ubuntu 21104 Mar 24 07:56 testgetdests.o
-rw-rw-r-- 1 ubuntu ubuntu 78416 Mar 24 07:56 testhttp.o
-rw-rw-r-- 1 ubuntu ubuntu 37456 Mar 24 07:56 testi18n.o
-rw-rw-r-- 1 ubuntu ubuntu 64544 Mar 24 07:56 testipp.o
-rw-rw-r-- 1 ubuntu ubuntu 27688 Mar 24 07:56 testjson.o
-rw-rw-r-- 1 ubuntu ubuntu 45472 Mar 24 07:56 testoptions.o
-rw-rw-r-- 1 ubuntu ubuntu 49616 Mar 24 07:56 testraster.o
-rw-rw-r-- 1 ubuntu ubuntu 93144 Mar 24 07:56 testtestpage.o
-rw-rw-r-- 1 ubuntu ubuntu 25000 Mar 24 07:56 testthreads.o
-rw-rw-r-- 1 ubuntu ubuntu 19296 Mar 24 07:56 thread.o
-rw-rw-r-- 1 ubuntu ubuntu 110216 Mar 24 07:56 tls.o
-rw-rw-r-- 1 ubuntu ubuntu 51376 Mar 24 07:56 tlscheck.o
-rw-rw-r-- 1 ubuntu ubuntu 29064 Mar 24 07:56 transcode.o
-rw-rw-r-- 1 ubuntu ubuntu 65200 Mar 24 07:56 usersys.o
-rw-rw-r-- 1 ubuntu ubuntu 56192 Mar 24 07:56 util.o
Level 3 sizes also total 5198576 bytes:
-rw-rw-r-- 1 ubuntu ubuntu 26752 Mar 24 08:10 array.o
-rw-rw-r-- 1 ubuntu ubuntu 54056 Mar 24 08:10 auth.o
-rw-rw-r-- 1 ubuntu ubuntu 60632 Mar 24 08:10 debug.o
-rw-rw-r-- 1 ubuntu ubuntu 49912 Mar 24 08:10 dest-job.o
-rw-rw-r-- 1 ubuntu ubuntu 54528 Mar 24 08:10 dest-localization.o
-rw-rw-r-- 1 ubuntu ubuntu 121824 Mar 24 08:10 dest-options.o
-rw-rw-r-- 1 ubuntu ubuntu 151424 Mar 24 08:10 dest.o
-rw-rw-r-- 1 ubuntu ubuntu 14336 Mar 24 08:10 dir.o
-rw-rw-r-- 1 ubuntu ubuntu 71192 Mar 24 08:10 dnssd.o
-rw-rw-r-- 1 ubuntu ubuntu 59368 Mar 24 08:10 encode.o
-rw-rw-r-- 1 ubuntu ubuntu 73592 Mar 24 08:10 file.o
-rw-rw-r-- 1 ubuntu ubuntu 18400 Mar 24 08:10 form.o
-rw-rw-r-- 1 ubuntu ubuntu 51984 Mar 24 08:10 fuzzipp.o
-rw-rw-r-- 1 ubuntu ubuntu 34776 Mar 24 08:10 getputfile.o
-rw-rw-r-- 1 ubuntu ubuntu 46360 Mar 24 08:10 globals.o
-rw-rw-r-- 1 ubuntu ubuntu 15000 Mar 24 08:10 hash.o
-rw-rw-r-- 1 ubuntu ubuntu 49712 Mar 24 08:10 http-addr.o
-rw-rw-r-- 1 ubuntu ubuntu 53488 Mar 24 08:10 http-addrlist.o
-rw-rw-r-- 1 ubuntu ubuntu 98448 Mar 24 08:10 http-support.o
-rw-rw-r-- 1 ubuntu ubuntu 158568 Mar 24 08:10 http.o
-rw-rw-r-- 1 ubuntu ubuntu 91160 Mar 24 08:10 ipp-file.o
-rw-rw-r-- 1 ubuntu ubuntu 170032 Mar 24 08:10 ipp-support.o
-rw-rw-r-- 1 ubuntu ubuntu 57992 Dec 7 2021 ipp-vars.o
-rw-rw-r-- 1 ubuntu ubuntu 187496 Mar 24 08:10 ipp.o
-rw-rw-r-- 1 ubuntu ubuntu 44912 Mar 24 08:10 json.o
-rw-rw-r-- 1 ubuntu ubuntu 70408 Mar 24 08:10 langprintf.o
-rw-rw-r-- 1 ubuntu ubuntu 1699984 Mar 24 08:10 language.o
-rw-rw-r-- 1 ubuntu ubuntu 13456 Mar 24 08:10 md5.o
-rw-rw-r-- 1 ubuntu ubuntu 29848 Mar 24 08:10 notify.o
-rw-rw-r-- 1 ubuntu ubuntu 19432 Mar 24 08:10 options.o
-rw-rw-r-- 1 ubuntu ubuntu 101128 Mar 24 08:10 pwg-media.o
-rw-rw-r-- 1 ubuntu ubuntu 13128 Mar 24 08:10 rand.o
-rw-rw-r-- 1 ubuntu ubuntu 33680 Mar 24 08:10 raster-error.o
-rw-rw-r-- 1 ubuntu ubuntu 68176 Mar 24 08:10 raster-stream.o
-rw-rw-r-- 1 ubuntu ubuntu 25264 Dec 7 2021 raster-stubs.o
-rw-rw-r-- 1 ubuntu ubuntu 27000 Mar 24 08:10 rasterbench.o
-rw-rw-r-- 1 ubuntu ubuntu 81352 Mar 24 08:10 request.o
-rw-rw-r-- 1 ubuntu ubuntu 33864 Mar 24 08:10 string.o
-rw-rw-r-- 1 ubuntu ubuntu 10840 Mar 24 08:10 tempfile.o
-rw-rw-r-- 1 ubuntu ubuntu 36832 Mar 24 08:10 testarray.o
-rw-rw-r-- 1 ubuntu ubuntu 77160 Mar 24 08:10 testclient.o
-rw-rw-r-- 1 ubuntu ubuntu 26400 Mar 24 08:10 testcreds.o
-rw-rw-r-- 1 ubuntu ubuntu 75144 Mar 24 08:10 testcups.o
-rw-rw-r-- 1 ubuntu ubuntu 60008 Mar 24 08:10 testdest.o
-rw-rw-r-- 1 ubuntu ubuntu 37520 Mar 24 08:10 testdnssd.o
-rw-rw-r-- 1 ubuntu ubuntu 42304 Mar 24 08:10 testfile.o
-rw-rw-r-- 1 ubuntu ubuntu 25920 Mar 24 08:10 testform.o
-rw-rw-r-- 1 ubuntu ubuntu 21104 Mar 24 08:10 testgetdests.o
-rw-rw-r-- 1 ubuntu ubuntu 78416 Mar 24 08:10 testhttp.o
-rw-rw-r-- 1 ubuntu ubuntu 37456 Mar 24 08:10 testi18n.o
-rw-rw-r-- 1 ubuntu ubuntu 64544 Mar 24 08:10 testipp.o
-rw-rw-r-- 1 ubuntu ubuntu 27688 Mar 24 08:10 testjson.o
-rw-rw-r-- 1 ubuntu ubuntu 45472 Mar 24 08:10 testoptions.o
-rw-rw-r-- 1 ubuntu ubuntu 49616 Mar 24 08:10 testraster.o
-rw-rw-r-- 1 ubuntu ubuntu 93144 Mar 24 08:10 testtestpage.o
-rw-rw-r-- 1 ubuntu ubuntu 25000 Mar 24 08:10 testthreads.o
-rw-rw-r-- 1 ubuntu ubuntu 19296 Mar 24 08:10 thread.o
-rw-rw-r-- 1 ubuntu ubuntu 110216 Mar 24 08:10 tls.o
-rw-rw-r-- 1 ubuntu ubuntu 51376 Mar 24 08:10 tlscheck.o
-rw-rw-r-- 1 ubuntu ubuntu 29064 Mar 24 08:10 transcode.o
-rw-rw-r-- 1 ubuntu ubuntu 65200 Mar 24 08:10 usersys.o
-rw-rw-r-- 1 ubuntu ubuntu 56192 Mar 24 08:10 util.o
So either the GCC in Ubuntu 22.04 LTS (11.3.0) doesn't actually support _FORTIFY_SOURCE=3
or there is no added overhead (which is inconsistent with the documentation...)
[master 1e317aacc] Update fortify level to 3 (Issue #51)
Hi Mike,
I'll add the statistics from Fedora 38 regarding _FORTIFY_SOURCE=3, but as fas as I can tell it works here - I have a detected buffer overflow in pappl due the new level (reproduceable if pappl is built with _FORTIFY_SOURCE=3 and you start lprint) - I'll send the PR right away (we subtract a higher pointer from a lower one).
The present GCC supports level 3 for some time, try using it.