Hi, I'm trying to figure out why my package (wxpython4.0) is getting flagged for hardening-no-fortify-functions even though I have export DEB_BUILD_MAINT_OPTIONS = hardening=+all in my debian/rules and I can see the -DFORTIFY_SOURCE=2 being set in g++ arguments.
I added some debug to binaries.pm and I determined that it is only finding wmemcpy function as not being hardened. I grepped my source tree and I do not find any calls to wmemcpy. I then ran objdump -d on one of the built .so's. If I am reading the objdump correctly, the only calls to wmemcpy are in functions named like: _ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE12_M_constructIPKwEEvT_S8_St20forward_iterator_tag This sounds like some sort of auto-generated C++ function? Do you have any thoughts on this? Thanks, Scott
