Subject: Re: _FORTIFY_SOURCE define? (was: CVS commit: src/share/mk)
To: None <>
From: Thor Lancelot Simon <>
List: tech-userlevel
Date: 05/23/2007 01:32:04
On Wed, May 23, 2007 at 06:27:40AM +0200, Bernd Ernesti wrote:
> On Tue, May 22, 2007 at 11:58:54PM +0000, Thor Lancelot Simon wrote:
> > 
> > Module Name:	src
> > Committed By:	tls
> > Date:		Tue May 22 23:58:54 UTC 2007
> > 
> > Modified Files:
> > 	src/share/mk:
> > 
> > Log Message:
> > Add -D_FORTIFY_SOURCE=2 where it can safely/sanely be used if building
> > with USE_SSP: not in the kernel, and not in libssp itself.
> What does _FORTIFY_SOURCE=2 do?

Unfortunately it's a part of SSP that's not discussed well in the GCC
documentation.  Here is the best discussion of it of which I am aware:

Of the two differences between =1 and =2 discussed there, I believe only
the second should really cause any conforming C programs to fail.  But,
I believe, we do not have any such code in our tree.  If I'm wrong on
either point, I'd appreciate it if someone would show me.

There is a slight size overhead to -D_FORTIFY_SOURCE=2 which causes
USE_SSP i386 builds to overflow the CD-ROM boot floppy image.  I'm
dealing with this in a better way right now so don't expect the code
in to stay just how it is after tomorrow.