From 5060f83f84478ddfa288ce8498bc1067d201f878 Mon Sep 17 00:00:00 2001 From: Ariadne Conill Date: Fri, 21 Aug 2020 06:46:22 +0000 Subject: [PATCH] Turn on -D_FORTIFY_SOURCE=2 by default for C, C++, ObjC, ObjC++, if the optimization level is > 0 --- gcc/c-family/c-cppbuiltin.c | 4 ++++ gcc/doc/invoke.texi | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/gcc/c-family/c-cppbuiltin.c b/gcc/c-family/c-cppbuiltin.c index db91a36794a..ed976c71404 100644 --- a/gcc/c-family/c-cppbuiltin.c +++ b/gcc/c-family/c-cppbuiltin.c @@ -1385,6 +1385,10 @@ c_cpp_builtins (cpp_reader *pfile) builtin_define_with_value ("__REGISTER_PREFIX__", REGISTER_PREFIX, 0); builtin_define_with_value ("__USER_LABEL_PREFIX__", user_label_prefix, 0); + /* Fortify Source enabled by default for optimization levels > 0 */ + if (optimize) + builtin_define_with_int_value ("_FORTIFY_SOURCE", 2); + /* Misc. */ if (flag_gnu89_inline) cpp_define (pfile, "__GNUC_GNU_INLINE__"); diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index 4885efe3247..a3e5e002fa5 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi @@ -9230,6 +9230,12 @@ also turns on the following optimization flags: Please note the warning under @option{-fgcse} about invoking @option{-O2} on programs that use computed gotos. +NOTE: In Alpine Linux, @option{-D_FORTIFY_SOURCE=2} is +set by default, and is activated when @option{-O} is set to 2 or higher. +This enables additional compile-time and run-time checks for several libc +functions. To disable, specify either @option{-U_FORTIFY_SOURCE} or +@option{-D_FORTIFY_SOURCE=0}. + @item -O3 @opindex O3 Optimize yet more. @option{-O3} turns on all optimizations specified -- 2.30.1