From 1b315235433701e4a974da259b8d651169ddc7ac Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Fri, 21 Aug 2020 06:46:22 +0000 Subject: [PATCH 04/35] Turn on -D_FORTIFY_SOURCE=2 by default for C, C++, ObjC, ObjC++, if the optimization level is > 0 --- gcc/c-family/c-cppbuiltin.cc | 4 ++++ gcc/doc/invoke.texi | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/gcc/c-family/c-cppbuiltin.cc b/gcc/c-family/c-cppbuiltin.cc index 5d64625fcd7..868d69506e4 100644 --- a/gcc/c-family/c-cppbuiltin.cc +++ b/gcc/c-family/c-cppbuiltin.cc @@ -1546,6 +1546,10 @@ c_cpp_builtins (cpp_reader *pfile) builtin_define_with_value ("__REGISTER_PREFIX__", REGISTER_PREFIX, 0); builtin_define_with_value ("__USER_LABEL_PREFIX__", user_label_prefix, 0); + /* Fortify Source enabled by default for optimization levels > 0 */ + if (optimize) + builtin_define_with_int_value ("_FORTIFY_SOURCE", 2); + /* Misc. */ if (flag_gnu89_inline) cpp_define (pfile, "__GNUC_GNU_INLINE__"); diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index f393c7846c6..ef3c14a189e 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -11868,6 +11868,12 @@ also turns on the following optimization flags: Please note the warning under @option{-fgcse} about invoking @option{-O2} on programs that use computed gotos. +NOTE: In Alpine Linux, @option{-D_FORTIFY_SOURCE=2} is +set by default, and is activated when @option{-O} is set to 2 or higher. +This enables additional compile-time and run-time checks for several libc +functions. To disable, specify either @option{-U_FORTIFY_SOURCE} or +@option{-D_FORTIFY_SOURCE=0}. + @opindex O3 @item -O3 Optimize yet more. @option{-O3} turns on all optimizations specified -- 2.41.0