https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #11 from Andrew Pinski ---
> The entire point of libssp is to provide this support on systems whose libc
> does not include it, so that both -D_FORTIFY_SOURCE and -fstack-protector*
> functionality would be available cross-platform.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
Andrew Pinski changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
Yaakov Selkowitz changed:
What|Removed |Added
Status|RESOLVED|UNCONFIRMED
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #8 from Yaakov Selkowitz ---
(In reply to Andrew Pinski from comment #3)
> In fact this is by design. NetBSD for an example has ssp/stdio.h where you
> use that to get the fority.
This does not apply where the libc provides its own
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
Andrew Pinski changed:
What|Removed |Added
Status|UNCONFIRMED |RESOLVED
Resolution|---
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #6 from Andrew Pinski ---
(In reply to Andrew Pinski from comment #5)
> > NetBSD which provide SSP in libc
>
> This statement is not true for older versions of netbsd.
And really not true even for the current version of netbsd but
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #5 from Andrew Pinski ---
> NetBSD which provide SSP in libc
This statement is not true for older versions of netbsd.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #4 from Andrew Pinski ---
(In reply to Yaakov Selkowitz from comment #2)
> (In reply to Andrew Pinski from comment #1)
> > I don't think this is a security hole at all. In fact the security holes
> > should be on the applications
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #3 from Andrew Pinski ---
In fact this is by design. NetBSD for an example has ssp/stdio.h where you use
that to get the fority.
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #2 from Yaakov Selkowitz ---
(In reply to Andrew Pinski from comment #1)
> I don't think this is a security hole at all. In fact the security holes
> should be on the applications side rather than the library side.
The compiler is
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=77409
--- Comment #1 from Andrew Pinski ---
I don't think this is a security hole at all. In fact the security holes
should be on the applications side rather than the library side.
11 matches
Mail list logo