Author: robert
Date: 2006-08-12 14:32:00 -0600 (Sat, 12 Aug 2006)
New Revision: 702
Modified:
trunk/BOOK/chapter01/changelog.xml
trunk/BOOK/chapter05/cocoon-toolchain.xml
trunk/BOOK/chapter06/butterfly-toolchain.xml
Log:
Add D_LIBC_REENTRANT to conditions against -D_FORTIFY_SOURCE=2 in gcc specs.
Removed -no-fortify flag, use -D_FORTIFY_SOURCE=0 instead.
Modified: trunk/BOOK/chapter01/changelog.xml
===================================================================
--- trunk/BOOK/chapter01/changelog.xml 2006-08-12 06:11:05 UTC (rev 701)
+++ trunk/BOOK/chapter01/changelog.xml 2006-08-12 20:32:00 UTC (rev 702)
@@ -110,6 +110,10 @@
</listitem>
-->
+<listitem><para>August 12th, 2006 [Robert]: Add D_LIBC_REENTRANT to conditions
+against -D_FORTIFY_SOURCE=2 in gcc specs. Removed -no-fortify flag, use
+-D_FORTIFY_SOURCE=0 instead.</para></listitem>
+
<listitem><para>August 12th, 2006 [Robert]: Added a program to test
_FORTIFY_SOURCE and SSP against a strcpy() overflow, when butterfly is
installed.</para></listitem>
Modified: trunk/BOOK/chapter05/cocoon-toolchain.xml
===================================================================
--- trunk/BOOK/chapter05/cocoon-toolchain.xml 2006-08-12 06:11:05 UTC (rev
701)
+++ trunk/BOOK/chapter05/cocoon-toolchain.xml 2006-08-12 20:32:00 UTC (rev
702)
@@ -104,8 +104,10 @@
defined (libc does this). <option>-fstack-protector-all</option> is passed
on everything else, unless __KERNEL__ is defined (kernel and modules).
_FORTIFY_SOURCE only works with optimization, so if no optimization level
-is set <option>-O</option> is added, unless <option>-no-fortify</option> or
-<option>-D_FORTIFY_SOURCE</option> is passed on the command line.</para>
+is set <option>-O</option> is added, unless <option>-D_FORTIFY_SOURCE</option>
+or <option>D_LIBC_REENTRANT</option> is passed on the command line.
+FORTIFY_SOURCE redefines functions in Glibc, so much of Glibc can not be built
+with FORTIFY_SOURCE, hence the _LIBC_REENTRANT condition.</para>
<para>The following file redefines GCC's default behaviour to add various
options:</para>
@@ -118,7 +120,7 @@
#undef CPP_SPEC
#define CPP_SPEC "%{posix:-D_POSIX_SOURCE} %{pthread:-D_REENTRANT} \
- %{D_FORTIFY_SOURCE*|no-fortify:;:-D_FORTIFY_SOURCE=2}"
+ %{D_FORTIFY_SOURCE*|D_LIBC_REENTRANT:;:-D_FORTIFY_SOURCE=2}"
#undef CC1_SPEC
#define CC1_SPEC "%(cc1_cpu) %{profile:-p} \
@@ -128,7 +130,7 @@
shared|nostdlib|nostartfiles:;:-fPIE} \
%{D__KERNEL__|fno-stack-protector|fstack-protector| \
fstack-protector-all:;D_LIBC_REENTRANT:-fstack-protector;: \
- -fstack-protector-all} %{D_FORTIFY_SOURCE*|no-fortify|O*:;:-O}"
+ -fstack-protector-all}
%{D_FORTIFY_SOURCE*|D_LIBC_REENTRANT|O*:;:-O}"
#undef CC1PLUS_SPEC
#define CC1PLUS_SPEC \
@@ -138,7 +140,7 @@
shared|nostdlib|nostartfiles:;:-fPIE} \
%{D__KERNEL__|fno-stack-protector|fstack-protector| \
fstack-protector-all:;D_LIBC_REENTRANT:-fstack-protector;: \
- -fstack-protector-all} %{D_FORTIFY_SOURCE*|no-fortify|O*:;:-O}"
+ -fstack-protector-all}
%{D_FORTIFY_SOURCE*|D_LIBC_REENTRANT|O*:;:-O}"
#undef ENDFILE_SPEC
#define ENDFILE_SPEC "%{ffast-math|funsafe-math-optimizations: \
Modified: trunk/BOOK/chapter06/butterfly-toolchain.xml
===================================================================
--- trunk/BOOK/chapter06/butterfly-toolchain.xml 2006-08-12 06:11:05 UTC
(rev 701)
+++ trunk/BOOK/chapter06/butterfly-toolchain.xml 2006-08-12 20:32:00 UTC
(rev 702)
@@ -260,6 +260,7 @@
<para>Followed by "Backtrace" and "Memory map", and
the final two lines should say "Aborted" and
"134"</para>
+
<para>In this fortify-test program the strcpy() function was replaced with
the __strcpy_chk() function at compile time, when the warning was
generated.
The __strcpy_chk() function then aborted the program at run time when a
--
http://linuxfromscratch.org/mailman/listinfo/hlfs-book
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
