public inbox for glibc-cvs@sourceware.org
help / color / mirror / Atom feed
From: Adhemerval Zanella <azanella@sourceware.org>
To: glibc-cvs@sourceware.org
Subject: [glibc/azanella/check-headers] scripts: Add fortify checks on installed headers
Date: Mon, 10 Jul 2023 19:09:31 +0000 (GMT) [thread overview]
Message-ID: <20230710190931.35CE83857700@sourceware.org> (raw)
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=035ca6b5365cc4772f3f08fe7d9639f5c7fc254c
commit 035ca6b5365cc4772f3f08fe7d9639f5c7fc254c
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date: Tue Jun 20 16:55:10 2023 -0300
scripts: Add fortify checks on installed headers
The _FORTIFY_SOURCE is used as default by some system compilers,
and there is no way to check if some fortify extension does not
trigger any conformance issue.
Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Diff:
---
| 36 +++++++++++++++++++++++-------------
1 file changed, 23 insertions(+), 13 deletions(-)
--git a/scripts/check-installed-headers.sh b/scripts/check-installed-headers.sh
index 5a50a491ca..23506a2514 100644
--- a/scripts/check-installed-headers.sh
+++ b/scripts/check-installed-headers.sh
@@ -29,6 +29,9 @@ cxx_modes="-std=c++98 -std=gnu++98 -std=c++11 -std=gnu++11"
# These are probably the most commonly used three.
lib_modes="-D_DEFAULT_SOURCE=1 -D_GNU_SOURCE=1 -D_XOPEN_SOURCE=700"
+# Also check for fortify modes, since it might be enabled as default.
+fortify_modes="1 2 3"
+
if [ $# -lt 3 ]; then
echo "usage: $0 c|c++ \"compile command\" header header header..." >&2
exit 2
@@ -100,29 +103,36 @@ EOF
echo :: "$header"
for lang_mode in "" $lang_modes; do
for lib_mode in "" $lib_modes; do
- echo :::: $lang_mode $lib_mode
- if [ -z "$lib_mode" ]; then
- expanded_lib_mode='/* default library mode */'
- else
- expanded_lib_mode=$(echo : $lib_mode | \
- sed 's/^: -D/#define /; s/=/ /')
- fi
- cat >"$cih_test_c" <<EOF
+ for fortify_mode in "" $fortify_modes; do
+ echo :::: $lang_mode $lib_mode $fortify_mode
+ if [ -z "$lib_mode" ]; then
+ expanded_lib_mode='/* default library mode */'
+ else
+ expanded_lib_mode=$(echo : $lib_mode | \
+ sed 's/^: -D/#define /; s/=/ /')
+ fi
+ if [ ! -z $fortify_mode ]; then
+ fortify_mode="#define _FORTIFY_SOURCE $fortify_mode"
+ fi
+ cat >"$cih_test_c" <<EOF
/* These macros may have been defined on the command line. They are
inappropriate for this test. */
#undef _LIBC
#undef _GNU_SOURCE
+#undef _FORTIFY_SOURCE
+$fortify_mode
/* The library mode is selected here rather than on the command line to
ensure that this selection wins. */
$expanded_lib_mode
#include <$header>
int avoid_empty_translation_unit;
EOF
- if $cc_cmd -finput-charset=ascii -fsyntax-only $lang_mode \
- "$cih_test_c" 2>&1
- then :
- else failed=1
- fi
+ if $cc_cmd -finput-charset=ascii -fsyntax-only $lang_mode \
+ "$cih_test_c" 2>&1
+ then :
+ else failed=1
+ fi
+ done
done
done
done
reply other threads:[~2023-07-10 19:09 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230710190931.35CE83857700@sourceware.org \
--to=azanella@sourceware.org \
--cc=glibc-cvs@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).