[PATCH 1/2] ssp.c: use libc_hidden_proto and libc_hidden_def.

Peter Mazinger ps.m at gmx.net
Wed Mar 9 08:35:32 UTC 2011


Hello William,

[...]
> I have plans for working on the FORTIFY stuff after 0.9.32 release,
> which is why I went ahead and set up the libc_hidden_proto/def for it.
> 
> Would you prefer I resubmit with only the __chk_fail function set up
> for now?

I have committed some preliminaries to start with fortify support, for now *_chk() and __chk_fail() functions are disabled

Generally, to get this option going, the headers have to reviewed, many of them are missing the section about FORTIFY.
Generic version of the *_chk() functions should be first implemented, so that support can be enabled without caring if one arch has some adapted implementation.
The __chk_fail() function could go to a separate file, to be independent of the ssp option, for this block_signals(), terminate() and ssp_write() need to be made hidden instead of static (and provided if either SSP or FORTIFY are enabled). Alternatively the ssp.c could be renamed to hardened.c
I am wondering if we should also have an option to compile uClibc with -D_FORTIFY_SOURCE=2

Regards, Peter
-- 
GMX DSL Doppel-Flat ab 19,99 Euro/mtl.! Jetzt mit 
gratis Handy-Flat! http://portal.gmx.net/de/go/dsl


More information about the uClibc mailing list