From 666d0aeb808ac9c10d065ae7b196695c81a25a20 Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Fri, 21 Aug 2020 06:46:22 +0000 Subject: [PATCH] Turn on -D_FORTIFY_SOURCE=2 by default for C, C++, ObjC, ObjC++, if the optimization level is > 0 --- gcc/c-family/c-cppbuiltin.cc | 4 ++++ gcc/doc/invoke.texi | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/gcc/c-family/c-cppbuiltin.cc b/gcc/c-family/c-cppbuiltin.cc index 4672ae8486a..573c021e1e8 100644 --- a/gcc/c-family/c-cppbuiltin.cc +++ b/gcc/c-family/c-cppbuiltin.cc @@ -1510,6 +1510,10 @@ c_cpp_builtins (cpp_reader *pfile) builtin_define_with_value ("__REGISTER_PREFIX__", REGISTER_PREFIX, 0); builtin_define_with_value ("__USER_LABEL_PREFIX__", user_label_prefix, 0); + /* Fortify Source enabled by default for optimization levels > 0 */ + if (optimize) + builtin_define_with_int_value ("_FORTIFY_SOURCE", 2); + /* Misc. */ if (flag_gnu89_inline) cpp_define (pfile, "__GNUC_GNU_INLINE__"); diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index 83bd1bde433..dda299a9987 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -10896,6 +10896,12 @@ also turns on the following optimization flags: Please note the warning under @option{-fgcse} about invoking @option{-O2} on programs that use computed gotos. +NOTE: In Alpine Linux, @option{-D_FORTIFY_SOURCE=2} is +set by default, and is activated when @option{-O} is set to 2 or higher. +This enables additional compile-time and run-time checks for several libc +functions. To disable, specify either @option{-U_FORTIFY_SOURCE} or +@option{-D_FORTIFY_SOURCE=0}. + @item -O3 @opindex O3 Optimize yet more. @option{-O3} turns on all optimizations specified