NetBSD-Bugs archive
toolchain/54463: FORTIFY_SOURCE won't work with clang.
>Number: 54463
>Category: toolchain
>Synopsis: FORTIFY_SOURCE won't work with clang.
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: toolchain-manager
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Aug 14 01:20:00 +0000 2019
>Originator: Pedro Giffuni
>Release: -current
>Organization:
FreeBSD
>Environment:
N/A
>Description:
I mentored this GSoC where we compared NetBSD's FORTIFY_SOURCE with the options in other systems' libc:
https://wiki.freebsd.org/SummerOfCode2015/FreeBSDLibcSecurityExtensions
The project was successful and we got FORTIFY_SOURCE working with several versions of GCC, including GCC 4.2.1 which is still in base.
However, clang does behave very differently from GCC and can't really support FORTIFY_SOURCE. I forget the details, sorry, but the NetBSD implementation was inadequate for clang. Eventually (after the GSoC) Android did a bunch of extensions and upstreamed them to LLVM/clang, so you may want to look at the following link:
https://android-developers.googleblog.com/2017/04/fortify-in-android.html
(and bionic's implementation)
>How-To-Repeat:
Try to use FORTIFY_SOURCE with clang: clang reports itself as GCC 4.2.1 and alloc_size may be wrong.
At least the static checking won't work, but it is likely that NetBSD doesn't support FORTIFY_SOURCE on GCC 4.2 anyways.
>Fix:
Either implement the Google extensions or limit to using stack-protector-strong with clang, which does about the same and likely covers all cases detected by FORTIFY_SOURCE. The latter is what we do on FreeBSD; maybe we were just lazy ;).