cdc686eecc
_FORTIFY_SOURCE=1 differs from _FORTIFY_SOURCE=2 only in the bounds checking mode that it uses. With _FORTIFY_SOURCE=1, bounds checks are 'loose', allowing access to the whole underlying object, not just the subset referenced in the expression (e.g, the bounds of a struct member is the whole struct, not just the member). With _FORTIFY_SOURCE=2, bounds checks are strict, meaning that the bounds of an expression are limited to the referenced value. Both of these perform their checks at runtime, calling _chk_fail if the bounds check fails. That's done in the __*_chk functions included in the C library. These are always called when _FORTIFY_SOURCE > 0, unless the compiler replaces the call with inline code. GCC already does all of the compile-time bounds checking for string and mem functions when not using -ffreestanding, so there's nothing we need to add for that to work. That means the security_fortify_compile_time property should be empty. Signed-off-by: Keith Packard <keithp@keithp.com> |
||
---|---|---|
.. | ||
arcmwdt | ||
armclang | ||
clang | ||
gcc | ||
host-gcc | ||
icx | ||
xcc | ||
xt-clang | ||
compiler_features.cmake | ||
compiler_flags_template.cmake |