Re: think twice before enabling -D_FORTIFY_SOURCE=2 for C projects without thorough build-time testing
On Fri, Sep 20, 2013 at 01:08:00PM -0700, Russ Allbery wrote:
> So basically a variation of the old problem of calling memcpy when one
> meant to use memmove. I'm actually surprised that type of call to sprintf
> ever worked reliably with optimization, even without _FORTIFY_SOURCE.
> But, like memcpy vs. memmove, it's the sort of thing that's horribly
> difficult to debug.
This is something that can be tested for in s*printf() itself: deoptimizing
it by a single comparison is probably worth catching a relatively popular