Message ID | 20221222160403.4151387-1-siddhesh@sourceware.org |
---|---|
State | New |
Headers | show |
Series | [v3] Add _FORTIFY_SOURCE implementation documentation [BZ #28998] | expand |
Ping! On 2022-12-22 11:04, Siddhesh Poyarekar via Libc-alpha wrote: > There have been multiple requests to provide more detail on how the > _FORTIFY_SOURCE macro works, so this patch adds a new node in the > Library Maintenance section that does this. A lot of the description is > implementation detail, which is why I put this in the appendix and not > in the main documentation. > > Resolves: BZ #28998. > Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org> > --- > Changes from v2: > - More massaging of the summary. > > Changes from v1: > - Adjust wording to cover the non-buffer-overflow validation > - Update function list > - remove redundant 'See' > > manual/creature.texi | 2 + > manual/maint.texi | 222 +++++++++++++++++++++++++++++++++++++++++++ > 2 files changed, 224 insertions(+) > > diff --git a/manual/creature.texi b/manual/creature.texi > index 530a02398e..47d1fc4607 100644 > --- a/manual/creature.texi > +++ b/manual/creature.texi > @@ -306,6 +306,8 @@ If this macro is defined to @math{1}, security hardening is added to > various library functions. If defined to @math{2}, even stricter > checks are applied. If defined to @math{3}, @theglibc{} may also use > checks that may have an additional performance overhead. > +@xref{Source Fortification,,Fortification of function calls} for more > +information. > @end defvr > > @defvr Macro _DYNAMIC_STACK_SIZE_SOURCE > diff --git a/manual/maint.texi b/manual/maint.texi > index 49510db7bf..d9507f8ec3 100644 > --- a/manual/maint.texi > +++ b/manual/maint.texi > @@ -5,6 +5,7 @@ > @menu > * Source Layout:: How to add new functions or header files > to the GNU C Library. > +* Source Fortification:: Fortification of function calls. > * Symbol handling:: How to handle symbols in the GNU C Library. > * Porting:: How to port the GNU C Library to > a new machine or operating system. > @@ -184,6 +185,227 @@ header file in the machine-specific directory, e.g., > @file{sysdeps/powerpc/sys/platform/ppc.h}. > > > +@node Source Fortification > +@appendixsec Fortification of function calls > + > +This section contains implementation details of @theglibc{} and may not > +remain stable across releases. > + > +The @code{_FORTIFY_SOURCE} macro may be defined by users to control > +hardening of calls into some functions in @theglibc{}. The hardening > +primarily focuses on accesses to buffers passed to the functions but may > +also include checks for validity of other inputs to the functions. > + > +When the @code{_FORTIFY_SOURCE} macro is defined, it enables code that > +validates inputs passed to some functions in @theglibc to determine if > +they are safe. If the compiler is unable to determine that the inputs > +to the function call are safe, the call may be replaced by a call to its > +hardened variant that does additional safety checks at runtime. Some > +hardened variants need the size of the buffer to perform access > +validation and this is provided by the @code{__builtin_object_size} or > +the @code{__builtin_dynamic_object_size} builtin functions. > + > +At runtime, if any of those safety checks fail, the program will > +terminate with a @code{SIGABRT} signal. @code{_FORTIFY_SOURCE} may be > +defined to one of the following values: > + > +@itemize @bullet > +@item @math{1}: This enables buffer bounds checking using the value > +returned by the @code{__builtin_object_size} compiler builtin function. > +If the function returns @code{(size_t) -1}, the function call is left > +untouched. Additionally, this level also enables validation of flags to > +the @code{open}, @code{open64}, @code{openat} and @code{openat64} > +functions. > + > +@item @math{2}: This behaves like @math{1}, with the addition of some > +checks that may trap code that is conforming but unsafe, e.g. accepting > +@code{%n} only in read-only format strings. > + > +@item @math{3}: This enables buffer bounds checking using the value > +returned by the @code{__builtin_dynamic_object_size} compiler builtin > +function. If the function returns @code{(size_t) -1}, the function call > +is left untouched. Fortification at this level may have a impact on > +program performance if the function call that is fortified is frequently > +encountered and the size expression returned by > +@code{__builtin_dynamic_object_size} is complex. > +@end itemize > + > +The following functions are fortified in @theglibc{}: > + > +@itemize @bullet > +@item @code{asprintf}: Replaced with @code{__asprintf_chk}. > + > +@item @code{confstr}: Replaced with @code{__confstr_chk}. > + > +@item @code{dprintf}: Replaced with @code{__dprintf_chk}. > + > +@item @code{explicit_bzero}: Replaced with @code{__explicit_bzero_chk}. > + > +@item @code{FD_SET}: Replaced with @code{__fdelt_chk}. > + > +@item @code{FD_CLR}: Replaced with @code{__fdelt_chk}. > + > +@item @code{FD_ISSET}: Replaced with @code{__fdelt_chk}. > + > +@item @code{fgets}: Replaced with @code{__fgets_chk}. > + > +@item @code{fgets_unlocked}: Replaced with @code{__fgets_unlocked_chk}. > + > +@item @code{fgetws}: Replaced with @code{__fgetws_chk}. > + > +@item @code{fgetws_unlocked}: Replaced with @code{__fgetws_unlocked_chk}. > + > +@item @code{fprintf}: Replaced with @code{__fprintf_chk}. > + > +@item @code{fread}: Replaced with @code{__fread_chk}. > + > +@item @code{fread_unlocked}: Replaced with @code{__fread_unlocked_chk}. > + > +@item @code{fwprintf}: Replaced with @code{__fwprintf_chk}. > + > +@item @code{getcwd}: Replaced with @code{__getcwd_chk}. > + > +@item @code{getdomainname}: Replaced with @code{__getdomainname_chk}. > + > +@item @code{getgroups}: Replaced with @code{__getgroups_chk}. > + > +@item @code{gethostname}: Replaced with @code{__gethostname_chk}. > + > +@item @code{getlogin_r}: Replaced with @code{__getlogin_r_chk}. > + > +@item @code{gets}: Replaced with @code{__gets_chk}. > + > +@item @code{getwd}: Replaced with @code{__getwd_chk}. > + > +@item @code{longjmp}: Replaced with @code{__longjmp_chk}. > + > +@item @code{mbsnrtowcs}: Replaced with @code{__mbsnrtowcs_chk}. > + > +@item @code{mbsrtowcs}: Replaced with @code{__mbsrtowcs_chk}. > + > +@item @code{mbstowcs}: Replaced with @code{__mbstowcs_chk}. > + > +@item @code{memcpy}: Replaced with @code{__memcpy_chk}. > + > +@item @code{memmove}: Replaced with @code{__memmove_chk}. > + > +@item @code{mempcpy}: Replaced with @code{__mempcpy_chk}. > + > +@item @code{memset}: Replaced with @code{__memset_chk}. > + > +@item @code{obstack_printf}: Replaced with @code{__obstack_printf_chk}. > + > +@item @code{obstack_vprintf}: Replaced with @code{__obstack_vprintf_chk}. > + > +@item @code{open}: Replaced with @code{__open_2}. > + > +@item @code{open64}: Replaced with @code{__open64_2}. > + > +@item @code{openat}: Replaced with @code{__openat_2}. > + > +@item @code{openat64}: Replaced with @code{__openat64_2}. > + > +@item @code{poll}: Replaced with @code{__poll_chk}. > + > +@item @code{ppoll}: Replaced with @code{__ppoll_chk}. > + > +@item @code{pread}: Replaced with @code{__pread_chk}. > + > +@item @code{pread64}: Replaced with @code{__pread64_chk}. > + > +@item @code{printf}: Replaced with @code{__printf_chk}. > + > +@item @code{ptsname_r}: Replaced with @code{__ptsname_r_chk}. > + > +@item @code{read}: Replaced with @code{__read_chk}. > + > +@item @code{readlink}: Replaced with @code{__readlink_chk}. > + > +@item @code{readlinkat}: Replaced with @code{__readlinkat_chk}. > + > +@item @code{realpath}: Replaced with @code{__realpath_chk}. > + > +@item @code{recv}: Replaced with @code{__recv_chk}. > + > +@item @code{recvfrom}: Replaced with @code{__recvfrom_chk}. > + > +@item @code{snprintf}: Replaced with @code{__snprintf_chk}. > + > +@item @code{sprintf}: Replaced with @code{__sprintf_chk}. > + > +@item @code{stpcpy}: Replaced with @code{__stpcpy_chk}. > + > +@item @code{stpncpy}: Replaced with @code{__stpncpy_chk}. > + > +@item @code{strcat}: Replaced with @code{__strcat_chk}. > + > +@item @code{strcpy}: Replaced with @code{__strcpy_chk}. > + > +@item @code{strncat}: Replaced with @code{__strncat_chk}. > + > +@item @code{strncpy}: Replaced with @code{__strncpy_chk}. > + > +@item @code{swprintf}: Replaced with @code{__swprintf_chk}. > + > +@item @code{syslog}: Replaced with @code{__syslog_chk}. > + > +@item @code{ttyname_r}: Replaced with @code{__ttyname_r_chk}. > + > +@item @code{vasprintf}: Replaced with @code{__vasprintf_chk}. > + > +@item @code{vdprintf}: Replaced with @code{__vdprintf_chk}. > + > +@item @code{vfprintf}: Replaced with @code{__vfprintf_chk}. > + > +@item @code{vfwprintf}: Replaced with @code{__vfwprintf_chk}. > + > +@item @code{vprintf}: Replaced with @code{__vprintf_chk}. > + > +@item @code{vsnprintf}: Replaced with @code{__vsnprintf_chk}. > + > +@item @code{vsprintf}: Replaced with @code{__vsprintf_chk}. > + > +@item @code{vswprintf}: Replaced with @code{__vswprintf_chk}. > + > +@item @code{vsyslog}: Replaced with @code{__vsyslog_chk}. > + > +@item @code{vwprintf}: Replaced with @code{__vwprintf_chk}. > + > +@item @code{wcpcpy}: Replaced with @code{__wcpcpy_chk}. > + > +@item @code{wcpncpy}: Replaced with @code{__wcpncpy_chk}. > + > +@item @code{wcrtomb}: Replaced with @code{__wcrtomb_chk}. > + > +@item @code{wcscat}: Replaced with @code{__wcscat_chk}. > + > +@item @code{wcscpy}: Replaced with @code{__wcscpy_chk}. > + > +@item @code{wcsncat}: Replaced with @code{__wcsncat_chk}. > + > +@item @code{wcsncpy}: Replaced with @code{__wcsncpy_chk}. > + > +@item @code{wcsnrtombs}: Replaced with @code{__wcsnrtombs_chk}. > + > +@item @code{wcsrtombs}: Replaced with @code{__wcsrtombs_chk}. > + > +@item @code{wcstombs}: Replaced with @code{__wcstombs_chk}. > + > +@item @code{wctomb}: Replaced with @code{__wctomb_chk}. > + > +@item @code{wmemcpy}: Replaced with @code{__wmemcpy_chk}. > + > +@item @code{wmemmove}: Replaced with @code{__wmemmove_chk}. > + > +@item @code{wmempcpy}: Replaced with @code{__wmempcpy_chk}. > + > +@item @code{wmemset}: Replaced with @code{__wmemset_chk}. > + > +@item @code{wprintf}: Replaced with @code{__wprintf_chk}. > + > +@end itemize > + > + > @node Symbol handling > @appendixsec Symbol handling in the GNU C Library >
Le 22/12/2022 à 17:04, Siddhesh Poyarekar via Libc-alpha a écrit : > There have been multiple requests to provide more detail on how the > _FORTIFY_SOURCE macro works, so this patch adds a new node in the > Library Maintenance section that does this. A lot of the description is > implementation detail, which is why I put this in the appendix and not > in the main documentation. > > Resolves: BZ #28998. > Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org> > --- > Changes from v2: > - More massaging of the summary. > > Changes from v1: > - Adjust wording to cover the non-buffer-overflow validation > - Update function list > - remove redundant 'See' > > manual/creature.texi | 2 + > manual/maint.texi | 222 +++++++++++++++++++++++++++++++++++++++++++ > 2 files changed, 224 insertions(+) > > diff --git a/manual/creature.texi b/manual/creature.texi > index 530a02398e..47d1fc4607 100644 > --- a/manual/creature.texi > +++ b/manual/creature.texi > @@ -306,6 +306,8 @@ If this macro is defined to @math{1}, security hardening is added to > various library functions. If defined to @math{2}, even stricter > checks are applied. If defined to @math{3}, @theglibc{} may also use > checks that may have an additional performance overhead. > +@xref{Source Fortification,,Fortification of function calls} for more > +information. > @end defvr > > @defvr Macro _DYNAMIC_STACK_SIZE_SOURCE > diff --git a/manual/maint.texi b/manual/maint.texi > index 49510db7bf..d9507f8ec3 100644 > --- a/manual/maint.texi > +++ b/manual/maint.texi > @@ -5,6 +5,7 @@ > @menu > * Source Layout:: How to add new functions or header files > to the GNU C Library. > +* Source Fortification:: Fortification of function calls. > * Symbol handling:: How to handle symbols in the GNU C Library. > * Porting:: How to port the GNU C Library to > a new machine or operating system. > @@ -184,6 +185,227 @@ header file in the machine-specific directory, e.g., > @file{sysdeps/powerpc/sys/platform/ppc.h}. > > > +@node Source Fortification > +@appendixsec Fortification of function calls > + > +This section contains implementation details of @theglibc{} and may not > +remain stable across releases. > + > +The @code{_FORTIFY_SOURCE} macro may be defined by users to control > +hardening of calls into some functions in @theglibc{}. Macro must be defined before header inclusion. > The hardening > +primarily focuses on accesses to buffers passed to the functions but may > +also include checks for validity of other inputs to the functions. > + > +When the @code{_FORTIFY_SOURCE} macro is defined, it enables code that > +validates inputs passed to some functions in @theglibc to determine if > +they are safe. If the compiler is unable to determine that the inputs > +to the function call are safe, the call may be replaced by a call to its > +hardened variant that does additional safety checks at runtime. Some > +hardened variants need the size of the buffer to perform access > +validation and this is provided by the @code{__builtin_object_size} or > +the @code{__builtin_dynamic_object_size} builtin functions. > + > +At runtime, if any of those safety checks fail, the program will > +terminate with a @code{SIGABRT} signal. @code{_FORTIFY_SOURCE} may be > +defined to one of the following values: > + > +@itemize @bullet > +@item @math{1}: This enables buffer bounds checking using the value > +returned by the @code{__builtin_object_size} compiler builtin function. > +If the function returns @code{(size_t) -1}, the function call is left > +untouched. Additionally, this level also enables validation of flags to > +the @code{open}, @code{open64}, @code{openat} and @code{openat64} > +functions. > + > +@item @math{2}: This behaves like @math{1}, with the addition of some > +checks that may trap code that is conforming but unsafe, e.g. accepting > +@code{%n} only in read-only format strings. > + > +@item @math{3}: This enables buffer bounds checking using the value > +returned by the @code{__builtin_dynamic_object_size} compiler builtin > +function. If the function returns @code{(size_t) -1}, the function call > +is left untouched. Fortification at this level may have a impact on > +program performance if the function call that is fortified is frequently > +encountered and the size expression returned by > +@code{__builtin_dynamic_object_size} is complex. > +@end itemize > + Regards.
On 2023-01-05 16:04, Yann Droneaud wrote: >> +The @code{_FORTIFY_SOURCE} macro may be defined by users to control >> +hardening of calls into some functions in @theglibc{}. > > Macro must be defined before header inclusion. > Thanks, I changed this to: The @code{_FORTIFY_SOURCE} macro may be defined by users to control hardening of calls into some functions in @theglibc{}. The definition should be at the top of the source file before any headers are included or at the pre-processor commandline using the @code{-D} switch. Sid
* Siddhesh Poyarekar: > +The following functions are fortified in @theglibc{}: > + > +@itemize @bullet > +@item @code{asprintf}: Replaced with @code{__asprintf_chk}. > + > +@item @code{confstr}: Replaced with @code{__confstr_chk}. > + > +@item @code{dprintf}: Replaced with @code{__dprintf_chk}. For the *printf* functions, the replacement depends on the architecture and compilation mode (the concrete type of long double). > +@item @code{explicit_bzero}: Replaced with @code{__explicit_bzero_chk}. > + > +@item @code{FD_SET}: Replaced with @code{__fdelt_chk}. > + > +@item @code{FD_CLR}: Replaced with @code{__fdelt_chk}. > + > +@item @code{FD_ISSET}: Replaced with @code{__fdelt_chk}. These three macros (not functions) aren't replaced, but enhanced. Maybe just mentioned the list of functions/macros, and point towards the general pattern, but also note the presence of exceptions? Rest looks okay to me. Thanks, Florian
On 2023-01-09 10:32, Florian Weimer wrote: > * Siddhesh Poyarekar: > >> +The following functions are fortified in @theglibc{}: >> + >> +@itemize @bullet >> +@item @code{asprintf}: Replaced with @code{__asprintf_chk}. >> + >> +@item @code{confstr}: Replaced with @code{__confstr_chk}. >> + >> +@item @code{dprintf}: Replaced with @code{__dprintf_chk}. > > For the *printf* functions, the replacement depends on the architecture > and compilation mode (the concrete type of long double). Oh yeah, I had missed the __nldbl_* ones and, TIL about the ieee128 ones. And guess what, I tried another way to look up this list (through Versions files) and found that mq_open is also fortified! >> +@item @code{explicit_bzero}: Replaced with @code{__explicit_bzero_chk}. >> + >> +@item @code{FD_SET}: Replaced with @code{__fdelt_chk}. >> + >> +@item @code{FD_CLR}: Replaced with @code{__fdelt_chk}. >> + >> +@item @code{FD_ISSET}: Replaced with @code{__fdelt_chk}. > > These three macros (not functions) aren't replaced, but enhanced. > > Maybe just mentioned the list of functions/macros, and point towards the > general pattern, but also note the presence of exceptions? Ack, v4 coming up. Thanks, Sid
> On 22 Dec 2022, at 16:04, Siddhesh Poyarekar via Libc-alpha <libc-alpha@sourceware.org> wrote: > > There have been multiple requests to provide more detail on how the > _FORTIFY_SOURCE macro works, so this patch adds a new node in the > Library Maintenance section that does this. A lot of the description is > implementation detail, which is why I put this in the appendix and not > in the main documentation. > Thanks for doing this, it looks great. > Resolves: BZ #28998. > Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org> > --- best, sam
diff --git a/manual/creature.texi b/manual/creature.texi index 530a02398e..47d1fc4607 100644 --- a/manual/creature.texi +++ b/manual/creature.texi @@ -306,6 +306,8 @@ If this macro is defined to @math{1}, security hardening is added to various library functions. If defined to @math{2}, even stricter checks are applied. If defined to @math{3}, @theglibc{} may also use checks that may have an additional performance overhead. +@xref{Source Fortification,,Fortification of function calls} for more +information. @end defvr @defvr Macro _DYNAMIC_STACK_SIZE_SOURCE diff --git a/manual/maint.texi b/manual/maint.texi index 49510db7bf..d9507f8ec3 100644 --- a/manual/maint.texi +++ b/manual/maint.texi @@ -5,6 +5,7 @@ @menu * Source Layout:: How to add new functions or header files to the GNU C Library. +* Source Fortification:: Fortification of function calls. * Symbol handling:: How to handle symbols in the GNU C Library. * Porting:: How to port the GNU C Library to a new machine or operating system. @@ -184,6 +185,227 @@ header file in the machine-specific directory, e.g., @file{sysdeps/powerpc/sys/platform/ppc.h}. +@node Source Fortification +@appendixsec Fortification of function calls + +This section contains implementation details of @theglibc{} and may not +remain stable across releases. + +The @code{_FORTIFY_SOURCE} macro may be defined by users to control +hardening of calls into some functions in @theglibc{}. The hardening +primarily focuses on accesses to buffers passed to the functions but may +also include checks for validity of other inputs to the functions. + +When the @code{_FORTIFY_SOURCE} macro is defined, it enables code that +validates inputs passed to some functions in @theglibc to determine if +they are safe. If the compiler is unable to determine that the inputs +to the function call are safe, the call may be replaced by a call to its +hardened variant that does additional safety checks at runtime. Some +hardened variants need the size of the buffer to perform access +validation and this is provided by the @code{__builtin_object_size} or +the @code{__builtin_dynamic_object_size} builtin functions. + +At runtime, if any of those safety checks fail, the program will +terminate with a @code{SIGABRT} signal. @code{_FORTIFY_SOURCE} may be +defined to one of the following values: + +@itemize @bullet +@item @math{1}: This enables buffer bounds checking using the value +returned by the @code{__builtin_object_size} compiler builtin function. +If the function returns @code{(size_t) -1}, the function call is left +untouched. Additionally, this level also enables validation of flags to +the @code{open}, @code{open64}, @code{openat} and @code{openat64} +functions. + +@item @math{2}: This behaves like @math{1}, with the addition of some +checks that may trap code that is conforming but unsafe, e.g. accepting +@code{%n} only in read-only format strings. + +@item @math{3}: This enables buffer bounds checking using the value +returned by the @code{__builtin_dynamic_object_size} compiler builtin +function. If the function returns @code{(size_t) -1}, the function call +is left untouched. Fortification at this level may have a impact on +program performance if the function call that is fortified is frequently +encountered and the size expression returned by +@code{__builtin_dynamic_object_size} is complex. +@end itemize + +The following functions are fortified in @theglibc{}: + +@itemize @bullet +@item @code{asprintf}: Replaced with @code{__asprintf_chk}. + +@item @code{confstr}: Replaced with @code{__confstr_chk}. + +@item @code{dprintf}: Replaced with @code{__dprintf_chk}. + +@item @code{explicit_bzero}: Replaced with @code{__explicit_bzero_chk}. + +@item @code{FD_SET}: Replaced with @code{__fdelt_chk}. + +@item @code{FD_CLR}: Replaced with @code{__fdelt_chk}. + +@item @code{FD_ISSET}: Replaced with @code{__fdelt_chk}. + +@item @code{fgets}: Replaced with @code{__fgets_chk}. + +@item @code{fgets_unlocked}: Replaced with @code{__fgets_unlocked_chk}. + +@item @code{fgetws}: Replaced with @code{__fgetws_chk}. + +@item @code{fgetws_unlocked}: Replaced with @code{__fgetws_unlocked_chk}. + +@item @code{fprintf}: Replaced with @code{__fprintf_chk}. + +@item @code{fread}: Replaced with @code{__fread_chk}. + +@item @code{fread_unlocked}: Replaced with @code{__fread_unlocked_chk}. + +@item @code{fwprintf}: Replaced with @code{__fwprintf_chk}. + +@item @code{getcwd}: Replaced with @code{__getcwd_chk}. + +@item @code{getdomainname}: Replaced with @code{__getdomainname_chk}. + +@item @code{getgroups}: Replaced with @code{__getgroups_chk}. + +@item @code{gethostname}: Replaced with @code{__gethostname_chk}. + +@item @code{getlogin_r}: Replaced with @code{__getlogin_r_chk}. + +@item @code{gets}: Replaced with @code{__gets_chk}. + +@item @code{getwd}: Replaced with @code{__getwd_chk}. + +@item @code{longjmp}: Replaced with @code{__longjmp_chk}. + +@item @code{mbsnrtowcs}: Replaced with @code{__mbsnrtowcs_chk}. + +@item @code{mbsrtowcs}: Replaced with @code{__mbsrtowcs_chk}. + +@item @code{mbstowcs}: Replaced with @code{__mbstowcs_chk}. + +@item @code{memcpy}: Replaced with @code{__memcpy_chk}. + +@item @code{memmove}: Replaced with @code{__memmove_chk}. + +@item @code{mempcpy}: Replaced with @code{__mempcpy_chk}. + +@item @code{memset}: Replaced with @code{__memset_chk}. + +@item @code{obstack_printf}: Replaced with @code{__obstack_printf_chk}. + +@item @code{obstack_vprintf}: Replaced with @code{__obstack_vprintf_chk}. + +@item @code{open}: Replaced with @code{__open_2}. + +@item @code{open64}: Replaced with @code{__open64_2}. + +@item @code{openat}: Replaced with @code{__openat_2}. + +@item @code{openat64}: Replaced with @code{__openat64_2}. + +@item @code{poll}: Replaced with @code{__poll_chk}. + +@item @code{ppoll}: Replaced with @code{__ppoll_chk}. + +@item @code{pread}: Replaced with @code{__pread_chk}. + +@item @code{pread64}: Replaced with @code{__pread64_chk}. + +@item @code{printf}: Replaced with @code{__printf_chk}. + +@item @code{ptsname_r}: Replaced with @code{__ptsname_r_chk}. + +@item @code{read}: Replaced with @code{__read_chk}. + +@item @code{readlink}: Replaced with @code{__readlink_chk}. + +@item @code{readlinkat}: Replaced with @code{__readlinkat_chk}. + +@item @code{realpath}: Replaced with @code{__realpath_chk}. + +@item @code{recv}: Replaced with @code{__recv_chk}. + +@item @code{recvfrom}: Replaced with @code{__recvfrom_chk}. + +@item @code{snprintf}: Replaced with @code{__snprintf_chk}. + +@item @code{sprintf}: Replaced with @code{__sprintf_chk}. + +@item @code{stpcpy}: Replaced with @code{__stpcpy_chk}. + +@item @code{stpncpy}: Replaced with @code{__stpncpy_chk}. + +@item @code{strcat}: Replaced with @code{__strcat_chk}. + +@item @code{strcpy}: Replaced with @code{__strcpy_chk}. + +@item @code{strncat}: Replaced with @code{__strncat_chk}. + +@item @code{strncpy}: Replaced with @code{__strncpy_chk}. + +@item @code{swprintf}: Replaced with @code{__swprintf_chk}. + +@item @code{syslog}: Replaced with @code{__syslog_chk}. + +@item @code{ttyname_r}: Replaced with @code{__ttyname_r_chk}. + +@item @code{vasprintf}: Replaced with @code{__vasprintf_chk}. + +@item @code{vdprintf}: Replaced with @code{__vdprintf_chk}. + +@item @code{vfprintf}: Replaced with @code{__vfprintf_chk}. + +@item @code{vfwprintf}: Replaced with @code{__vfwprintf_chk}. + +@item @code{vprintf}: Replaced with @code{__vprintf_chk}. + +@item @code{vsnprintf}: Replaced with @code{__vsnprintf_chk}. + +@item @code{vsprintf}: Replaced with @code{__vsprintf_chk}. + +@item @code{vswprintf}: Replaced with @code{__vswprintf_chk}. + +@item @code{vsyslog}: Replaced with @code{__vsyslog_chk}. + +@item @code{vwprintf}: Replaced with @code{__vwprintf_chk}. + +@item @code{wcpcpy}: Replaced with @code{__wcpcpy_chk}. + +@item @code{wcpncpy}: Replaced with @code{__wcpncpy_chk}. + +@item @code{wcrtomb}: Replaced with @code{__wcrtomb_chk}. + +@item @code{wcscat}: Replaced with @code{__wcscat_chk}. + +@item @code{wcscpy}: Replaced with @code{__wcscpy_chk}. + +@item @code{wcsncat}: Replaced with @code{__wcsncat_chk}. + +@item @code{wcsncpy}: Replaced with @code{__wcsncpy_chk}. + +@item @code{wcsnrtombs}: Replaced with @code{__wcsnrtombs_chk}. + +@item @code{wcsrtombs}: Replaced with @code{__wcsrtombs_chk}. + +@item @code{wcstombs}: Replaced with @code{__wcstombs_chk}. + +@item @code{wctomb}: Replaced with @code{__wctomb_chk}. + +@item @code{wmemcpy}: Replaced with @code{__wmemcpy_chk}. + +@item @code{wmemmove}: Replaced with @code{__wmemmove_chk}. + +@item @code{wmempcpy}: Replaced with @code{__wmempcpy_chk}. + +@item @code{wmemset}: Replaced with @code{__wmemset_chk}. + +@item @code{wprintf}: Replaced with @code{__wprintf_chk}. + +@end itemize + + @node Symbol handling @appendixsec Symbol handling in the GNU C Library
There have been multiple requests to provide more detail on how the _FORTIFY_SOURCE macro works, so this patch adds a new node in the Library Maintenance section that does this. A lot of the description is implementation detail, which is why I put this in the appendix and not in the main documentation. Resolves: BZ #28998. Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org> --- Changes from v2: - More massaging of the summary. Changes from v1: - Adjust wording to cover the non-buffer-overflow validation - Update function list - remove redundant 'See' manual/creature.texi | 2 + manual/maint.texi | 222 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 224 insertions(+)