pansz wrote: > Today I upgrade my computer to ubuntu 11.04. then I started to compile vim. > > when compiling, it shows many warnings for strcpy() in eval.c. > > gcc -c -I. -Iproto -DHAVE_CONFIG_H -DFEAT_GUI_GTK -pthread > -I/usr/include/atk-1.0 -I/usr/include/pango-1.0 -I/usr/include/gio-unix-2.0/ > -I/usr/include/glib-2.0 -I/usr/lib/i386-linux-gnu/glib-2.0/include > -I/usr/include/freetype2 -I/usr/include/libpng12 -I/usr/include/gtk-2.0 > -I/usr/lib/gtk-2.0/include -I/usr/include/cairo > -I/usr/include/gdk-pixbuf-2.0 -I/usr/include/pixman-1 -O2 -g > -march=native -mfpmath=sse -DNDEBUG -fno-strength-reduce -o > objects/eval.o eval.c > In file included from /usr/include/string.h:642:0, > from os_unix.h:515, > from vim.h:270, > from eval.c:14: > In function ‘strcpy’, > inlined from ‘call_user_func’ at eval.c:21945:2: > /usr/include/bits/string3.h:105:3: warning: call to __builtin___strcpy_chk > will always overflow destination buffer > > > These are warnings but it always crashes vim on start-up. > > Add -D_FORTIFY_SOURCE=1 to CFLAGS solves the problem. But vim does work > without FORTIFY_SOURCE in ubuntu 10.10 and before. IMO -D_FORTIFY_SOURCE=1 > is not an option which should be used on final product program.
I think it's quite the opposite. Compiling with -D_FORTIFY_SOURCE=2 is dangerous and known to break valid C programs (Vim for example). See: http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html === BEGIN QUOTE === The intended use in glibc is that by default no protection is done, when the above GCC 4.0+ and -D_FORTIFY_SOURCE=1 is used at optimization level 1 and above, security measures that shouldn't change behaviour of conforming programs are taken. With -D_FORTIFY_SOURCE=2 some more checking is added, but some conforming programs might fail. === END QUOTE === Ubuntu for some reasons changed gcc to compile with -D_FORTIFY_SOURCE=2 by default since Ubuntu-8.10 (search for _FORTIFY_SOURCE in "man gcc" on Ubuntu). I don't think that was a safe decision. Compiling with -D_FORTIFY_SOURCE=1 should always be fine. Vim's configure script automatically adds -D_FORTIFY_SOURCE=1 (intoduced in Vim-7.2.044) so it should work fine by default if you do "configure ; make ; make install" Vim was also compiled with -D_FORTIFY_SOURCE=1 in Ubuntu-10.10 as far as I know. Regards -- Dominique -- You received this message from the "vim_use" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php
