On 12/6/22 10:08, Richard W.M. Jones wrote:
On Tue, Dec 06, 2022 at 08:59:03AM +0000, Richard W.M. Jones wrote:
I don't believe the proposal is that everyone *has* to use this (or at
least, I hope not). Even existing _FORTIFY_SOURCE=2 is optional. I'd
like to know what the problems are that affect systemd however.
It's mentioned in this document:
https://developers.redhat.com/articles/2022/09/17/gccs-new-fortification-level#2__better_fortification_coverage
_FORTIFY_SOURCE=3 revealed another pattern. Applications such as
systemd used malloc_usable_size to determine available space in
objects and then used the residual space. The glibc manual
discourages this type of usage, dictating that malloc_usable_size is
for diagnostic purposes only. But applications use the function as a
hack to avoid reallocating buffers when there is space in the
underlying malloc chunk. The implementation of malloc_usable_size
needs to be fixed to return the allocated object size instead of the
chunk size in non-diagnostic use. Alternatively, another solution is
to deprecate the function. But that is a topic for discussion by the
glibc community.
Rich.
Thanks for sharing. I missed that one.
Jarek
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
