gcc FORTIFY_SOURCE application security flags
Baesken, Matthias
matthias.baesken at sap.com
Mon May 6 07:03:48 UTC 2019
Hello Kim and Erik, thanks for pointing me at
https://bugs.openjdk.java.net/browse/JDK-8050803
https://bugs.openjdk.java.net/browse/JDK-8130017
I noticed too that the flag needs to be set together with optimization flags (which is pointed out in these 2 bugs).
Performance seems to be not much affected (however I might need to look into it more ).
But the missing hs_err file in case of hitting an issue is bad, as long as there is no fix for this,
I would not set the flag (otherwise I like _FORTIFY_SOURCE ).
Best regards, Matthias
> >
> >
> > Hello.
> > maybe some of you are aware of the gcc FORTIFY_SOURCE application
> security flags.
> > Developers can enable compile and also runtime checks for some string /
> memory related operations with the flag.
> >
> > See details :
> > https://access.redhat.com/blogs/766093/posts/1976213
> >
> > Have you tried already those flags in the OpenJDK ?
>
> I happen to like _FORTIFY_SOURCE, as I’ve seen it catch some real problems
> that would have been
> much harder to find otherwise. However, we’ve tried it in the past and ran
> into some problems. There
> is an existing RFE to reinstate it’s use, which also mentions or references
> those previous attempts and
> the problems encountered. See JDK-8130017 "use _FORTIFY_SOURCE in gcc
> fastdebug builds”.
>
> I didn’t know about the hs_err problem. It might be considered less of a
> problem if only enabling in
> fastdebug builds (as suggested by JDK-8130017), as such builds are
> developer-oriented and the
> loss of an hs_err file is (while annoying) perhaps less critical.
More information about the build-dev
mailing list