In article <20070523053204.GA16272@panix.com>,
Thor Lancelot Simon  <tls@rek.tjls.com> wrote:
>On Wed, May 23, 2007 at 06:27:40AM +0200, Bernd Ernesti wrote:
>> On Tue, May 22, 2007 at 11:58:54PM +0000, Thor Lancelot Simon wrote:
>> > 
>> > Module Name:	src
>> > Committed By:	tls
>> > Date:		Tue May 22 23:58:54 UTC 2007
>> > 
>> > Modified Files:
>> > 	src/share/mk: bsd.sys.mk
>> > 
>> > Log Message:
>> > Add -D_FORTIFY_SOURCE=2 where it can safely/sanely be used if building
>> > with USE_SSP: not in the kernel, and not in libssp itself.
>> 
>> What does _FORTIFY_SOURCE=2 do?
>
>Unfortunately it's a part of SSP that's not discussed well in the GCC
>documentation.  Here is the best discussion of it of which I am aware:
>
>http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
>
>Of the two differences between =1 and =2 discussed there, I believe only
>the second should really cause any conforming C programs to fail.  But,
>I believe, we do not have any such code in our tree.  If I'm wrong on
>either point, I'd appreciate it if someone would show me.
>
>There is a slight size overhead to -D_FORTIFY_SOURCE=2 which causes
>USE_SSP i386 builds to overflow the CD-ROM boot floppy image.  I'm
>dealing with this in a better way right now so don't expect the code
>in sys.mk to stay just how it is after tomorrow.

I added the following man pages: ssp(3), __builtin_object_size(3). They
are brief, but they should give you an idea of what's going on if you
read <ssp/ssp.h> after you read the man pages.

christos