[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#709415: lintian: false positive for hardening-no-fortify-functions

Niels Thykier <niels@thykier.net> writes:

> Assuming you were using 2.5.11 for test, you may want to retry with
> 2.5.12.  The latter did another false-positive -> false-negative
> trade-off (memset and memmove).

Looks like that won't help for libkopenafs1:

% hardening-check --verbose /usr/lib/libkopenafs.so.1
/usr/lib/libkopenafs.so.1:
 Position Independent Executable: no, regular shared library (ignored)
 Stack protected: no, not found!
 Fortify Source functions: no, only unprotected functions found!
        unprotected: getgroups
 Read-only relocations: yes
 Immediate binding: yes

That's the one built with hardening-wrappers installed.

Also looks like that's not the issue for xml-security-c-utils:

% hardening-check --verbose xmlsec-xklient 
xmlsec-xklient:
 Position Independent Executable: yes
 Stack protected: yes
 Fortify Source functions: no, only unprotected functions found!
        unprotected: fread
 Read-only relocations: yes
 Immediate binding: yes

(Thanks for the note about --verbose!)

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>
Reply to: