About Ubuntu security
Kees Cook
kees at ubuntu.com
Wed Aug 1 01:02:16 UTC 2007
On Tue, Jul 31, 2007 at 04:39:31PM -0700, Ng, Cheon-woei wrote:
> Another security option mentioned to me is to compile applications with
> this option: -D_FORTIFY_SOURCE=2.
Correct (though it requires -O2 or higher too). This solves another
class of sprintf-instead-of-snprintf bugs, by letting the compiler call
the size-limiting versions of functions when it knows the size of a
target buffer. For example, this code:

    #include <stdio.h>

    int func(char *input)
    {
        char buf[80];
        sprintf(buf,"stuff: %s\n",input); /* unbounded write into buf */
        printf("%s",buf);
        return 0;
    }

is turned (at compile time) into:

    #include <stdio.h>

    int func(char *input)
    {
        char buf[80];
        snprintf(buf,80,"stuff: %s\n",input); /* this is now snprintf */
        printf("%s",buf);
        return 0;
    }

> Is this option part of gcc in Ubuntu?
This needs to be changed on a per-package basis in Ubuntu at the moment,
but there are plans to create a more centralized set of compile-time
options when building the archive. Some of the discussion is here:
https://lists.ubuntu.com/archives/ubuntu-devel/2007-May/023597.html
-Kees
--
Kees Cook
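
An added example, not part of the original message and not glibc's own code: it shows where "the compiler knows the size of a target buffer" and where it does not, using GCC's `__builtin_object_size`. The names `bounded_sprintf`, `CHECKED_SPRINTF`, `SIZE_UNKNOWN` and `func_ptr` are hypothetical, and the helper returns an error code where an oversized write is detected.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>

#define SIZE_UNKNOWN ((size_t)-1) /* __builtin_object_size result when it cannot tell */

/* Hypothetical helper (not a glibc function): format into dst, writing at
 * most dstsize bytes. Returns the length written, -1 if the output would not
 * fit, or -2 if no size was available and so no check is possible. */
static int bounded_sprintf(char *dst, size_t dstsize, const char *fmt, ...)
{
    va_list ap;
    int n;
    if (dstsize == SIZE_UNKNOWN)
        return -2;
    va_start(ap, fmt);
    n = vsnprintf(dst, dstsize, fmt, ap);
    va_end(ap);
    return (n < 0 || (size_t)n >= dstsize) ? -1 : n;
}

/* Hypothetical macro: the compiler supplies the destination size. */
#define CHECKED_SPRINTF(dst, ...) \
    bounded_sprintf((dst), __builtin_object_size((dst), 1), __VA_ARGS__)

/* func() from the post: buf is a local array, so its size (80) is known. */
int func(const char *input)
{
    char buf[80];
    int n = CHECKED_SPRINTF(buf, "stuff: %s\n", input);

    if (n >= 0)
        fputs(buf, stdout);
    return n;
}

/* Same call through a bare pointer: the size is not visible in this
 * function, so no bound can be applied. noinline keeps it that way at -O2. */
__attribute__((noinline)) int func_ptr(char *dst, const char *input)
{
    return CHECKED_SPRINTF(dst, "stuff: %s\n", input);
}

int main(void)
{
    char out[16];
    printf("%d %d\n", func("hello"), func_ptr(out, "x"));
    return 0;
}
```

A return of -2 from `func_ptr` marks a call site that a size-based check cannot cover, because the destination arrives as a pointer of unknown extent.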