public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled
@ 2012-04-13 17:20 law at redhat dot com
2012-05-07 21:05 ` [Bug libc/13979] " aj at suse dot de
` (13 more replies)
0 siblings, 14 replies; 15+ messages in thread
From: law at redhat dot com @ 2012-04-13 17:20 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13979
Bug #: 13979
Summary: A warning should be issued if FORTIFY_SOURCE is
requested but not enabled
Product: glibc
Version: 2.15
Status: NEW
Severity: normal
Priority: P2
Component: libc
AssignedTo: unassigned@sourceware.org
ReportedBy: law@redhat.com
CC: drepper.fsp@gmail.com
Classification: Unclassified
Created attachment 6341
--> http://sourceware.org/bugzilla/attachment.cgi?id=6341
Possible fix
If a user requests FORTIFY_SOURCE checking, but for whatever reason the checks
are not enabled (for example optimizer not enabled), we should issue a warning.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
@ 2012-05-07 21:05 ` aj at suse dot de
2012-05-08 17:49 ` aj at suse dot de
` (12 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: aj at suse dot de @ 2012-05-07 21:05 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13979
Andreas Jaeger <aj at suse dot de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #6341|0 |1
is patch| |
Attachment #6341|application/octet-stream |text/plain
mime type| |
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
2012-05-07 21:05 ` [Bug libc/13979] " aj at suse dot de
@ 2012-05-08 17:49 ` aj at suse dot de
2012-05-08 17:56 ` law at redhat dot com
` (11 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: aj at suse dot de @ 2012-05-08 17:49 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13979
Andreas Jaeger <aj at suse dot de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
CC| |aj at suse dot de
Resolution| |FIXED
--- Comment #1 from Andreas Jaeger <aj at suse dot de> 2012-05-08 17:48:11 UTC ---
Thanks for your report and patch.
This is fixed slightly differently for glibc 2.16 with:
commit 05c2c9618f583ea4acd69b3fe5ae2a2922dd2ddc
Author: Roland Mc Grath <roland@hack.frob.com>
Date: Tue May 8 19:44:57 2012 +0200
Warn if user requests __FORTIFY_SOURCE but it is disabled
[BZ #13979]
* include/features.h: Warn if user requests __FORTIFY_SOURCE
checking but the checks are disabled for any reason.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
2012-05-07 21:05 ` [Bug libc/13979] " aj at suse dot de
2012-05-08 17:49 ` aj at suse dot de
@ 2012-05-08 17:56 ` law at redhat dot com
2013-05-08 15:25 ` eblake at redhat dot com
` (10 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: law at redhat dot com @ 2012-05-08 17:56 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13979
--- Comment #2 from law at redhat dot com 2012-05-08 17:55:17 UTC ---
Thanks. I'll update Fedora's repo appropriately.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (2 preceding siblings ...)
2012-05-08 17:56 ` law at redhat dot com
@ 2013-05-08 15:25 ` eblake at redhat dot com
2013-05-08 15:53 ` aj at suse dot de
` (9 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: eblake at redhat dot com @ 2013-05-08 15:25 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13979
Eric Blake <eblake at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |eblake at redhat dot com
--- Comment #3 from Eric Blake <eblake at redhat dot com> 2013-05-08 15:25:39 UTC ---
This #warning appears to be causing more grief than it is solving; for example,
see this autoconf thread that complains that it is breaking configure scripts,
and therefore Debian's decision to revert this patch in their build of glibc:
https://lists.gnu.org/archive/html/autoconf/2013-05/msg00003.html
http://anonscm.debian.org/viewvc/pkg-glibc/glibc-package/trunk/debian/patches/any/local-revert-bz13979.diff?revision=5553&view=markup
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (3 preceding siblings ...)
2013-05-08 15:25 ` eblake at redhat dot com
@ 2013-05-08 15:53 ` aj at suse dot de
2013-05-08 15:54 ` law at redhat dot com
` (8 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: aj at suse dot de @ 2013-05-08 15:53 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13979
Andreas Jaeger <aj at suse dot de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
--- Comment #4 from Andreas Jaeger <aj at suse dot de> 2013-05-08 15:53:13 UTC ---
Eric, could you summarize the situation and email libc-alpha about this,
please?
I wonder why this only now hits us - Fedora seems to be using this for some
time already - don't they use FORTIFY_SOURCE checking?
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (4 preceding siblings ...)
2013-05-08 15:53 ` aj at suse dot de
@ 2013-05-08 15:54 ` law at redhat dot com
2013-10-20 18:35 ` neleai at seznam dot cz
` (7 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: law at redhat dot com @ 2013-05-08 15:54 UTC (permalink / raw)
To: glibc-bugs
http://sourceware.org/bugzilla/show_bug.cgi?id=13979
--- Comment #5 from law at redhat dot com 2013-05-08 15:54:43 UTC ---
Fedora uses it; I recall a bit of a disturbance when that change went in, but I
believe the package owners bit the bullet and updated appropriately.
--
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (5 preceding siblings ...)
2013-05-08 15:54 ` law at redhat dot com
@ 2013-10-20 18:35 ` neleai at seznam dot cz
2014-06-25 11:17 ` fweimer at redhat dot com
` (6 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: neleai at seznam dot cz @ 2013-10-20 18:35 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=13979
Ondrej Bilka <neleai at seznam dot cz> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |neleai at seznam dot cz
--- Comment #6 from Ondrej Bilka <neleai at seznam dot cz> ---
I did not found a thread on libc-alpha. How situation now looks?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (6 preceding siblings ...)
2013-10-20 18:35 ` neleai at seznam dot cz
@ 2014-06-25 11:17 ` fweimer at redhat dot com
2014-11-24 0:08 ` anatol.pomozov at gmail dot com
` (5 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: fweimer at redhat dot com @ 2014-06-25 11:17 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=13979
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Flags| |security-
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (7 preceding siblings ...)
2014-06-25 11:17 ` fweimer at redhat dot com
@ 2014-11-24 0:08 ` anatol.pomozov at gmail dot com
2014-11-24 6:31 ` fweimer at redhat dot com
` (4 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: anatol.pomozov at gmail dot com @ 2014-11-24 0:08 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=13979
Anatol Pomozov <anatol.pomozov at gmail dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |anatol.pomozov at gmail dot com
--- Comment #7 from Anatol Pomozov <anatol.pomozov at gmail dot com> ---
Linux Arch still suffers from warnings flood produced by this code.
We have following disto-wide compilation variables:
CPPFLAGS="-D_FORTIFY_SOURCE=2"
CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector
--param=ssp-buffer-size=4"
and compilation produces a lot of warnings in almost any c++ project:
/usr/include/features.h:328:4: warning: #warning _FORTIFY_SOURCE
requires compiling with optimization (-O) [-Wcpp]
# warning _FORTIFY_SOURCE requires compiling with optimization (-O)
What is the action item for us, downstream package maintainers? What we suppose
to do? There were several proposals (see link to autoconf discussion above):
- revert commit 05c2c9618f5
- move _FORTIFY_SOURCE to CFLAGS/CXXFLAGS/..
- move -O2 to CPPFLAGS
Could you please give us advice on what solution is the best one.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (8 preceding siblings ...)
2014-11-24 0:08 ` anatol.pomozov at gmail dot com
@ 2014-11-24 6:31 ` fweimer at redhat dot com
2014-11-24 18:41 ` anatol.pomozov at gmail dot com
` (3 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: fweimer at redhat dot com @ 2014-11-24 6:31 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=13979
--- Comment #8 from Florian Weimer <fweimer at redhat dot com> ---
(In reply to Anatol Pomozov from comment #7)
> Linux Arch still suffers from warnings flood produced by this code.
>
> We have following disto-wide compilation variables:
>
> CPPFLAGS="-D_FORTIFY_SOURCE=2"
> CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector
> --param=ssp-buffer-size=4"
>
> and compilation produces a lot of warnings in almost any c++ project:
Can you double-check if you set CXXFLAGS? And if not, figure out why?
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (9 preceding siblings ...)
2014-11-24 6:31 ` fweimer at redhat dot com
@ 2014-11-24 18:41 ` anatol.pomozov at gmail dot com
2014-11-24 18:46 ` fweimer at redhat dot com
` (2 subsequent siblings)
13 siblings, 0 replies; 15+ messages in thread
From: anatol.pomozov at gmail dot com @ 2014-11-24 18:41 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=13979
--- Comment #9 from Anatol Pomozov <anatol.pomozov at gmail dot com> ---
I try to build Thrift package for Arch and here are envvars at the moment of
build:
LDFLAGS=-Wl,-O1,--sort-common,--as-needed,-z,relro
SHELL=/bin/bash
TERM=xterm
MAKEFLAGS=-j4
CPPFLAGS=-D_FORTIFY_SOURCE=2
OLDPWD=/build/thrift/src
USER=builduser
COMMAND_MODE=legacy
SUDO_USER=root
SUDO_UID=0
CXXFLAGS=-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong
--param=ssp-buffer-size=4
USERNAME=builduser
MAIL=/var/mail/builduser
PATH=/usr/local/sbin:/usr/local/bin:/usr/bin:/usr/bin/site_perl:/usr/bin/vendor_perl:/usr/bin/core_perl
CHOST=x86_64-unknown-linux-gnu
PWD=/build/thrift/src/thrift-0.9.2
LANG=C
SHLVL=1
SUDO_COMMAND=/usr/bin/makepkg -s --noconfirm -L --holdver -i
HOME=/build
CFLAGS=-march=x86-64 -mtune=generic -O2 -pipe -fstack-protector-strong
--param=ssp-buffer-size=4
LOGNAME=builduser
TEXTDOMAIN=pacman-scripts
SUDO_GID=0
TEXTDOMAINDIR=/usr/share/locale
_=/usr/bin/env
And here is command that generate warning:
libtool: compile: g++ -DHAVE_CONFIG_H -I. -I../../..
-I../../../lib/cpp/src/thrift -I../../cpp/src -I/usr/include -I./gen-cpp
-D_FORTIFY_SOURCE=2 -g -MT libtestgencpp_la-ThriftTest_constants.lo -MD -MP -MF
.deps/libtestgencpp_la-ThriftTest_constants.Tpo -c
gen-cpp/ThriftTest_constants.cpp -fPIC -DPIC -o
.libs/libtestgencpp_la-ThriftTest_constants.o
In file included from
/usr/include/c++/4.9.2/x86_64-unknown-linux-gnu/bits/os_defines.h:39:0,
from
/usr/include/c++/4.9.2/x86_64-unknown-linux-gnu/bits/c++config.h:430,
from /usr/include/c++/4.9.2/iosfwd:38,
from gen-cpp/ThriftTest_types.h:10,
from gen-cpp/ThriftTest_constants.h:10,
from gen-cpp/ThriftTest_constants.cpp:7:
/usr/include/features.h:328:4: warning: #warning _FORTIFY_SOURCE requires
compiling with optimization (-O) [-Wcpp]
# warning _FORTIFY_SOURCE requires compiling with optimization (-O)
^
hmm... libtool does not seems to use CXXFLAGS here.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (10 preceding siblings ...)
2014-11-24 18:41 ` anatol.pomozov at gmail dot com
@ 2014-11-24 18:46 ` fweimer at redhat dot com
2014-11-24 19:36 ` anatol.pomozov at gmail dot com
2023-08-07 9:41 ` sam at gentoo dot org
13 siblings, 0 replies; 15+ messages in thread
From: fweimer at redhat dot com @ 2014-11-24 18:46 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=13979
--- Comment #10 from Florian Weimer <fweimer at redhat dot com> ---
(In reply to Anatol Pomozov from comment #9)
> hmm... libtool does not seems to use CXXFLAGS here.
Yes, so the warning is absolutely warranted here because the CXXFLAGS-based
compiler flags injection does not work for some reason.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (11 preceding siblings ...)
2014-11-24 18:46 ` fweimer at redhat dot com
@ 2014-11-24 19:36 ` anatol.pomozov at gmail dot com
2023-08-07 9:41 ` sam at gentoo dot org
13 siblings, 0 replies; 15+ messages in thread
From: anatol.pomozov at gmail dot com @ 2014-11-24 19:36 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=13979
--- Comment #11 from Anatol Pomozov <anatol.pomozov at gmail dot com> ---
Digging deeper into Thrift build system I found that they just drop CFLAGS. It
is wrong imho. Sent a patch upstream https://github.com/apache/thrift/pull/284
Sorry for the noise.
I am going to look why other packages have this warning.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
* [Bug libc/13979] A warning should be issued if FORTIFY_SOURCE is requested but not enabled
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
` (12 preceding siblings ...)
2014-11-24 19:36 ` anatol.pomozov at gmail dot com
@ 2023-08-07 9:41 ` sam at gentoo dot org
13 siblings, 0 replies; 15+ messages in thread
From: sam at gentoo dot org @ 2023-08-07 9:41 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=13979
Sam James <sam at gentoo dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |sam at gentoo dot org
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2023-08-07 9:41 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-04-13 17:20 [Bug libc/13979] New: A warning should be issued if FORTIFY_SOURCE is requested but not enabled law at redhat dot com
2012-05-07 21:05 ` [Bug libc/13979] " aj at suse dot de
2012-05-08 17:49 ` aj at suse dot de
2012-05-08 17:56 ` law at redhat dot com
2013-05-08 15:25 ` eblake at redhat dot com
2013-05-08 15:53 ` aj at suse dot de
2013-05-08 15:54 ` law at redhat dot com
2013-10-20 18:35 ` neleai at seznam dot cz
2014-06-25 11:17 ` fweimer at redhat dot com
2014-11-24 0:08 ` anatol.pomozov at gmail dot com
2014-11-24 6:31 ` fweimer at redhat dot com
2014-11-24 18:41 ` anatol.pomozov at gmail dot com
2014-11-24 18:46 ` fweimer at redhat dot com
2014-11-24 19:36 ` anatol.pomozov at gmail dot com
2023-08-07 9:41 ` sam at gentoo dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).