Distinction between fortify source level
asarubbo opened this issue · 3 comments
asarubbo commented
Hello,
since a while FORTIFY_SOURCE=3 was added:
https://developers.redhat.com/blog/2021/04/16/broadening-compiler-checks-for-buffer-overflows-in-_fortify_source
I didn't dig into it to understand if it is possible to distinguish between 2 and 3 but would be great report which level of fortify has an elf.
Thanks
Artoria2e5 commented
The difference from 2 is this __builtin_dynamic_object_size bit, but it probably won't show up in the symbol table.
petervas commented
@slimm609 I think this can be closed. There does not seem to be a stable way to detect the level currently.
slimm609 commented
Yes, This can be closed. After a pretty large amount of investigation, a way to detect the level could not be accurately identified