dankamongmen
commented
1 year ago if we're going to step up to FORTIFY_SOURCE=3, we probably want to use __alloc_size__ and __access__ decorators.
Closed dankamongmen closed 1 year ago
dankamongmen
commented
1 year ago if we're going to step up to FORTIFY_SOURCE=3, we probably want to use __alloc_size__ and __access__ decorators.
Fedora, Debian, and Gentoo (and probably others) inject their own
-D_FORTIFY_SOURCEinto the build process. we just got hit with this gentoo bug: https://bugs.gentoo.org/893278Maybe we ought define it to be 3, instead?
https://developers.redhat.com/articles/2023/02/06/how-improve-application-security-using-fortifysource3