(In reply to comment #102)
> (In reply to comment #101)
>
> > Of course, it would be even better if the distro also made it easy for
> > developers to see the bad memcpy's, so that they can fix their apps.
>
> This is probably already done: using -D_FORTIFY_SOURCE=1 enable use of
> __builtin___memcpy_chk()
Nope.
When looking at glibc (and gcc), _FORTIFY_SOURCE only enable checks for
overflow, not overlap.
(In reply to comment #102) __memcpy_ chk()
> (In reply to comment #101)
>
> > Of course, it would be even better if the distro also made it easy for
> > developers to see the bad memcpy's, so that they can fix their apps.
>
> This is probably already done: using -D_FORTIFY_SOURCE=1 enable use of
> __builtin_
Nope.
When looking at glibc (and gcc), _FORTIFY_SOURCE only enable checks for
overflow, not overlap.