Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 4 Feb 2015 11:33:06 -0500
From: Rich Felker <>
Subject: Re: standalone fortify source implementation

On Wed, Feb 04, 2015 at 05:21:21PM +0100, Daniel Cegiełka wrote:
> 2015-02-04 17:02 GMT+01:00 Dimitris Papastamos <>:
> > Hi everyone,
> >
> > I have been working on a standalone fortify source implementation[0] that
> > uses GCC's #include_next to overlay over the system headers.  The current
> > implementation has been tested against musl libc and OpenBSD's libc.
> >
> > This implementation only supports _FORTIFY_SOURCE=1.  Level 2 is the same
> > as level 1.  If this is to be used by default on a system it makes sense
> > to only catch cases where UB would be invoked (level 1) rather than trap
> > on suspicious but legal code (level 2).
> Rich is planning this type of functionality:
> Isn't it better to establish a collaboration here?

This is the result of that collaboration.


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.