[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: New version of ncbi-blast+

olivier sallou <olivier.sallou@gmail.com> writes:

> For info, there is a remaining hardening lintian warning:
>
> I: ncbi-blast+: hardening-no-fortify-functions
> usr/lib/ncbi-blast+/libxutil.so

Thanks for taking care of the upload, and for pointing that warning out.
I've confirmed that libxutil is using the same flags as everything else,
complete with -D_FORTIFY_SOURCE=2, so perhaps its calls to the functions
that fortification tries to protect all occurred without enough static
context for any actual fortification to happen.  It might be possible to
tweak the code to play better with fortification, but I don't have time
to look into that option at the moment.

-- 
Aaron M. Ucko, KB1CJC (amu at alum.mit.edu, ucko at debian.org)
http://www.mit.edu/~amu/ | http://stuff.mit.edu/cgi/finger/?amu@monk.mit.edu
Reply to: