NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

toolchain/54463: FORTIFY_SOURCE won't work with clang.

>Number:         54463
>Category:       toolchain
>Synopsis:       FORTIFY_SOURCE won't work with clang.
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    toolchain-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Aug 14 01:20:00 +0000 2019
>Originator:     Pedro Giffuni
>Release:        -current
I mentored this GSoC where we compared NetBSD's FORTIFY_SOURCE with the options in other systems' libc:

The project was successful and we got FORTIFY_SOURCE working with several versions of GCC, including GCC 4.2.1 which is still in base.

However, clang does behave very different from GCC and can't really support FORTIFY_SOURCE. I forget the details, sorry, but the NetBSD implementation was inadequate for clang. Eventually (after the GSoC) Android did a bunch of extensions and upstreamed them to LLVM/clang so you may want to look at the following link:

(and bionic's implementation)
Try to use FORTIFY_SOURCE with clang: clang reports itself as GCC 4.2.1 and alloc_size may be wrong.
At least the static checking won't work, but it is likely that NetBSD doesn't support FORTIFY_SOURCE on GCC 4.2 anyways.
Either implement the Google extensions or limit to using stack-protector-strong with clang, which does about the same and likely covers all cases detected by FORTIFY_SOURCE. The later is what we do on FreeBSD maybe we were just lazy ;).

Home | Main Index | Thread Index | Old Index