
I would imagine false positives could be a huge problem. The behavior if a violation is detected is to gracefully terminate the program, so you could end up with more (but less exploitable) crashes than without FORTIFY_SOURCE.



Just to clarify: false positives in the sense that memory safety is violated intentionally as described in the article with relation to realloc and similar hacks, which would normally not cause problems.


If you use a pointer that’s been realloc’d, then I would not be surprised at all if gcc simply deletes the call to realloc.


I would be surprised in the general case. Realloc does have side effects and the size parameter can be known at runtime only, etc.



