Re: think twice before enabling -D_FORTIFY_SOURCE=2 for C projects without thorough build-time testing
On Sat, Sep 21, 2013 at 04:29:30AM +0600, Andrey Rahmatullin wrote:
> On Sat, Sep 21, 2013 at 12:00:57AM +0200, Adam Borowski wrote:
> > > So basically a variation of the old problem of calling memcpy when one
> > > meant to use memmove. I'm actually surprised that type of call to sprintf
> > > ever worked reliably with optimization, even without _FORTIFY_SOURCE.
> > > But, like memcpy vs. memmove, it's the sort of thing that's horribly
> > > difficult to debug.
> > This is something that can be tested for in s*printf() itself: deoptimizing
> > it by a single comparison is probably worth catching a relatively popular
> > error.
> Do we have data about its popularity?
I've heard about this idiom several times already, from different sources.
Whether the sources were copying from one another remains a separate