Marcus Meissner wrote:
(This is a report of a pre-10.0 article from internal list).
> Hi folks,
>
> The gcc 4 introduction fortunately brings some enhancements with regard to better checks for security problems. One of them is light-weight buffer overflow checking at compile time and at runtime.
> ...
> Introduced with 10.0 snapshot 2, we are now using "-D_FORTIFY_SOURCE=2" as default in the RPM_OPT_FLAGS.
Yes, that GCC feature already has been helpful in a few cases (to sort out e.g. double memory deallocation).
> We have fixed all problems we found in the buildsystem already.
?
> Packager TODOs:
> ===============
>
> However, this requires the following from you:
>
> * Make sure that strcpy, memcpy and friends are not implicitly defined. If you see this warning:
>   "implicit declaration of function `strcpy'"
>   it will not detect those simple buffer overflows. To fix such cases, include the standard header: <string.h> (for *printf warnings, <stdio.h>)
Thanks for that information, I'll try to fix them all from now on. Sometimes I do, sometimes I don't, depends on the number (and the time I have ;)). I'll do my best to fix them all from now on. Hopefully upstream will pick up the patches. Could it be possible to have a "packager corner" on the opensuse wiki and post stuff like that over there ? Would be helpful when we submit patches to upstream, we can give them a link to your explanation, which should give some weight to the patches ;)
> * Make sure your package uses RPM_OPT_FLAGS for compiling C and C++ code. There are still a number of packages that do not do this. I have run a heuristic (grep ;) over all our autobuild logfiles to find such offenders.
Yeah, indeed, still happens sometimes. A very stupid trick, but works pretty well: when I compile the sources for the first time (to gather information to write the spec file), I pass -DXXXXXXXXXXXXXXXXXXXXXXXXXXXX (or something like that) to CFLAGS/CXXFLAGS. It's very easy to see whether it's used when the source is compiling ;)) (and it doesn't have any side effects).
> The logfile separated by maintainer is in: <internalpath>
> The full warnings logfile is at <internalpath>
What is <internalpath> ? *grin* ;)
> NOTE! There might be reasons you can't use RPM_OPT_FLAGS, or that only matches for package-internal buildtools were found. These are cases where the heuristic failed. This is no official endorsement of RPM_OPT_FLAGS (yet).
What do you mean with "no official endorsement of RPM_OPT_FLAGS yet"?

cheers

--
Pascal Bleser http://linux01.gwdg.de/~pbleser/
<pascal.bleser@skynet.be> <guru@unixtech.be>
The more things change, the more they stay insane.
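Added illustration of the first packager TODO above (example code written for this page, not code from the thread or from glibc): a fortified memcpy only works when the compiler knows the destination's size at the call site, which is exactly what an implicit declaration throws away. The `CHECKED_MEMCPY` macro and `checked_memcpy` helper are hypothetical names that mirror the header's check but return an error instead of aborting, so the outcome can be observed.

```c
#include <stddef.h>
#include <string.h>

/* With _FORTIFY_SOURCE set and <string.h> included, glibc rewrites
 * memcpy(dst, src, n) into __builtin___memcpy_chk(dst, src, n,
 * __builtin_object_size(dst, 0)) and aborts at runtime when n exceeds
 * the destination size the compiler could prove.  This illustrative
 * macro does the same comparison but returns -1 instead of aborting.
 * It is not glibc's code. */
#define CHECKED_MEMCPY(dst, src, n) \
    checked_memcpy((dst), (src), (n), __builtin_object_size((dst), 0))

static int checked_memcpy(void *dst, const void *src, size_t n, size_t dst_size)
{
    /* (size_t)-1 means the compiler had no size information for dst, so
     * no check is possible.  That is the situation when memcpy is only
     * implicitly declared: the header's checked wrapper is never used and
     * no object size is attached at the call site. */
    if (dst_size != (size_t)-1 && n > dst_size)
        return -1;              /* real fortify: __chk_fail() -> abort() */
    memcpy(dst, src, n);
    return 0;
}

/* Destination size known at compile time: an oversized copy is refused. */
int copy_into_fixed_buffer(size_t n)
{
    char buf[16];
    const char src[64] = "constructed sample input, longer than buf";
    return CHECKED_MEMCPY(buf, src, n);
}

/* What the check sees for a local array: its real size. */
size_t size_seen_for_local_buffer(void)
{
    char buf[16];
    return __builtin_object_size(buf, 0);  /* 16 */
}

/* What the check sees for an opaque pointer: nothing, so nothing would be
 * caught.  noinline keeps the caller's knowledge of the buffer from
 * leaking into this function under optimisation. */
__attribute__((noinline))
size_t size_seen_for_opaque_pointer(char *dst)
{
    return __builtin_object_size(dst, 0);  /* (size_t)-1 */
}
```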