|
Description
Sam James
2022-05-23 22:34:52 UTC
To reproduce bugs, you need at least -O2 (IIRC > -O0 might work, needs inlining at least, but use -O2 please or higher), GCC 12+, or Clang 9+ (but we're mostly using GCC here). You also need (feel free to change -O2, as above): CFLAGS="-O2 -D_FORTIFY_SOURCE=3" CXXFLAGS="-O2 -D_FORTIFY_SOURCE=3" I instead patch GCC because it's easier. Created attachment 781316 [details, diff]
fortify-source-3.patch
(In reply to Sam James from comment #2) > Created attachment 781316 [details, diff] [details, diff] > fortify-source-3.patch Place at /etc/portage/patches/sys-devel/gcc:12/fortify-source-3.patch. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/proj/gcc-patches.git/commit/?id=224f6241ec785ccc386eb191df36d919e9b62351 commit 224f6241ec785ccc386eb191df36d919e9b62351 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-12-28 17:54:22 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-12-28 17:54:22 +0000 12.2.0: add patches for FORTIFY_SOURCE=3, default GLIBCXX_ASSERTIONS Bug: https://bugs.gentoo.org/876895 Bug: https://bugs.gentoo.org/884417 Bug: https://bugs.gentoo.org/847148 Bug: https://bugs.gentoo.org/876893 Signed-off-by: Sam James <sam@gentoo.org> 12.2.0/gentoo/01_all_default-fortify-source.patch | 8 ++++++-- 12.2.0/gentoo/15_all_DEF_GENTOO_GLIBCXX_ASSERTIONS.patch | 14 ++++++++++++++ 12.2.0/gentoo/README.history | 4 ++++ 3 files changed, 24 insertions(+), 2 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a40e388337e2fc6847c6cd48fc1b19eafc55b1c6 commit a40e388337e2fc6847c6cd48fc1b19eafc55b1c6 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-12-28 19:18:19 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-12-31 23:47:03 +0000 sys-devel/gcc: add 12.2.1_p20221231, USE=hardened changes USE=hardened will now imply: - default -D_FORTIFY_SOURCE=3 (instead of 2 for normal profiles) - default -D_GLIBCXX_ASSERTIONS Bug: https://bugs.gentoo.org/876895 Bug: https://bugs.gentoo.org/884417 Bug: https://bugs.gentoo.org/847148 Bug: https://bugs.gentoo.org/876893 Signed-off-by: Sam James <sam@gentoo.org> sys-devel/gcc/Manifest | 2 ++ sys-devel/gcc/gcc-12.2.1_p20221231.ebuild | 52 +++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=288bc9aff2e91f6a443e8c09f080ffc9f633b07e commit 288bc9aff2e91f6a443e8c09f080ffc9f633b07e Author: Sam James <sam@gentoo.org> AuthorDate: 2022-12-28 19:17:12 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-12-31 23:30:45 +0000 toolchain.eclass: prepare for USE=hardened => FORTIFY_SOURCE=3, assertions USE=hardened will now imply: - default -D_FORTIFY_SOURCE=3 (instead of 2 for normal profiles) - default -D_GLIBCXX_ASSERTIONS Bug: https://bugs.gentoo.org/876895 Bug: https://bugs.gentoo.org/884417 Bug: https://bugs.gentoo.org/847148 Bug: https://bugs.gentoo.org/876893 Signed-off-by: Sam James <sam@gentoo.org> eclass/toolchain.eclass | 4 ++++ 1 file changed, 4 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f06cb39a5d25c754c01e96313f76dc802e361995 commit f06cb39a5d25c754c01e96313f76dc802e361995 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-01-30 01:05:55 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-01-30 17:37:03 +0000 toolchain-funcs.eclass: add tc-enables-fortify-source for FORTIFY_SOURCE As Zero_Chaos reported on IRC, the check we had wasn't good enough in systemd* (before we were able to remove it), as it wouldn't fire for e.g. -Os. While we could've changed it to fail safe (always unset, then set a lower F_S if possible), let's add a proper helper instead to the eclass. Bug: https://bugs.gentoo.org/841770 Bug: https://bugs.gentoo.org/847148 Bug: https://bugs.gentoo.org/876893 Signed-off-by: Sam James <sam@gentoo.org> eclass/toolchain-funcs.eclass | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) |