[erlang-bugs] R14B01: buffer overflow detected during compilation with -D_FORTIFY_SOURCE=2 (x86_64)

Christian Faulhammer <>
Tue Dec 21 11:56:31 CET 2010


Hi,

Kenneth Lundin <>:
> Has -D_FORTIFY_SOURCE been tried on R14B as well and did not show any
> buffer overflow?

 There would have been reports (I maintain the package for Gentoo,
where users build the package on their system)...and there were none.
We use FORTIFY_SOURCE for some time now.

> As I understand it -D_FORTIFY_SOURCE is a patch to GCC developed by
> Redhat and =2 can also report buffer flow for code that is correct.

 It is included in the trunk version and used by many distributions
nowadays, especially for the server/hardened systems.

> If this buffer overflow indeed is a real bug then of course we want to
> find it and correct it.

 Would be nice.

V-Li

-- 
Christian Faulhammer, Gentoo Lisp project
<URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode

<URL:http://gentoo.faulhammer.org/>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://erlang.org/pipermail/erlang-bugs/attachments/20101221/f32ded48/attachment.bin>


More information about the erlang-bugs mailing list