Date: Wed, 4 Feb 2015 16:26:11 +0000 From: Dimitris Papastamos <sin@...0.org> To: musl@...ts.openwall.com Subject: Re: standalone fortify source implementation On Wed, Feb 04, 2015 at 05:21:21PM +0100, Daniel Cegiełka wrote: > 2015-02-04 17:02 GMT+01:00 Dimitris Papastamos <sin@...0.org>: > > Hi everyone, > > > > I have been working on a standalone fortify source implementation that > > uses GCC's #include_next to overlay over the system headers. The current > > implementation has been tested against musl libc and OpenBSD's libc. > > > > This implementation only supports _FORTIFY_SOURCE=1. Level 2 is the same > > as level 1. If this is to be used by default on a system it makes sense > > to only catch cases where UB would be invoked (level 1) rather than trap > > on suspicious but legal code (level 2). > > Rich is planning this type of functionality: > > http://www.openwall.com/lists/musl/2013/08/30/1 > > Isn't it better to establish a collaboration here? Yes this is intended to be an implementation of that idea. I found out about this open issue from the musl wiki.  http://wiki.musl-libc.org/wiki/Open_Issues#Substitute_for_FORTIFY_SOURCE
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.