Ubuntu
gcc-13 package

Please add -D_FORTIFY_SOURCE=3 to default build flags

Bug #2012440 reported by Mark Esler
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gcc-13 (Ubuntu)
Fix Released
High
Unassigned
Ubuntu ubuntu-24.04

Bug Description

Please use "-D_FORTIFY_SOURCE=3" in GCC 12 and 13 instead of "-D_FORTIFY_SOURCE=2".

_FORITFY_SOURCE mitigates buffer overflows and is currently used in Ubuntu with _FORTIFY_SOURCE=2 [0]. This newer option is better at buffer size detection and has greater coverage [1]. When Fedora assessed changing _FORTIFY_SOURCE=2 to _FORTIFY_SOURCE=3, they found mitigation coverage increased 240% on average [2]. This is a default build flag in Gentoo Hardened (2022), Fedora (2023), OpenSUSE (2023), and has been approved to be enabled in Arch (2023) [3]. There is no real-world performance difference between _FORTIFY_SOURCE=2 and _FORTIFY_SOURCE=3 [4].

[0] https://wiki.ubuntu.com/ToolChain/CompilerFlags#A-D_FORTIFY_SOURCE.3D2
[1] https://developers.redhat.com/articles/2022/09/17/gccs-new-fortification-level
[2] https://fedoraproject.org/wiki/Changes/Add_FORTIFY_SOURCE%3D3_to_distribution_build_flags
[3] https://github.com/jvoisin/compiler-flags-distro
[4] https://gotplt.org/posts/fortify-source-3-performance.html

See original description
Tags: sec-1859
Mark Esler (eslerm)
tags: added: sec-1859
Revision history for this message
Mark Esler (eslerm) wrote :

_FORTIFY_SOURCE=3 breaks code which uses malloc_usable_size in an unsafe way [0][1][2]. A glibc dev commented that systemd was the only known affected package [3].

[0] https://sourceware.org/pipermail/libc-alpha/2022-November/143599.html
[1] https://github.com/systemd/systemd/issues/22801
[2] https://manpages.ubuntu.com/manpages/lunar/en/man3/malloc_usable_size.3.html
[3] https://github.com/systemd/systemd/issues/22801#issuecomment-1344402212

Mark Esler (eslerm)
Changed in gcc-12 (Ubuntu):
importance: Undecided → High
Mark Esler (eslerm)
Changed in gcc-13 (Ubuntu):
importance: Undecided → High
description: updated
Mark Esler (eslerm)
description: updated
Revision history for this message
Mark Esler (eslerm) wrote :

Siddhesh Poyarekar fixed systemd [0] and pointed out a related and fixed issue in redis [1].

[0] https://github.com/systemd/systemd/commit/7929e180aa47a2692ad4f053afac2857d7198758
[1] https://github.com/redis/redis/pull/11982

Revision history for this message
Mark Esler (eslerm) wrote :

See kpcyrd et al.'s work to prepare Arch for -D_FORTIFY_SOURCE=3 [0].

[0] https://archlinux.org/todo/prepare-packages-for-d_fortify_source3/

description: updated
Changed in gcc-13 (Ubuntu):
milestone: none → ubuntu-24.04
description: updated
description: updated
description: updated
Revision history for this message
Mark Esler (eslerm) wrote (last edit ):

Updates for this flag in gcc-13 will not include package documentation until LP#2046279 is addressed.

I'll help and followup however I can.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package gcc-13 - 13.2.0-9ubuntu1

---------------
gcc-13 (13.2.0-9ubuntu1) noble; urgency=medium

  * Merge with Debian; remaining changes:
    - Build from upstream sources.

gcc-13 (13.2.0-9) unstable; urgency=medium

  * Update to git 20231214 from the gcc-13 branch.
    - Fix PR target/112891 (x86), PR target/112845 (x86),
      PR target/112837 (x86), PR target/112816 (x86), PR target/111408 (x86),
      PR tree-optimization/111967, PR c/112339, PR c++/110106, PR c++/112410,
      PR c++/109876, PR c++/112795, PR fortran/93762, PR fortran/100651,
      PR libgomp/111413, PR libstdc++/111826, PR libstdc++/111948,
      PR libstdc++/112480, PR libstdc++/112473, PR libstdc++/112832,
      PR libstdc++/110133.
  * Backport libiberty: Use x86 HW optimized sha1 and followup patch,
    needed for the combined build.
  * Use DEB_BUILD_OPTIONS='... gcc-ice=nodump' for turning off dumping
    the preprocessed source to stdout. Closes: #1057635.
  * Set DEB_BUILD_OPTIONS='... gcc-ice=nodump' when running the testsuite.
  * Default to pie on loong64. Closes: #1057433.
  * For Ubuntu 24.04 LTS and later, switch _FORTIFY_SOURCE to 3 by default
    instead of 2 when optimization is enabled. LP: #2012440.

 -- Matthias Klose <email address hidden> Thu, 14 Dec 2023 20:00:20 +0100

Changed in gcc-13 (Ubuntu):
status: New → Fix Released
Revision history for this message
Mark Esler (eslerm) wrote :

Thank you Doko \o/

no longer affects: gcc-12 (Ubuntu)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.