Standalone portable header-based implementation of FORTIFY_SOURCE=3 http://git.dustri.org/fortify-headers/atom?h=annotations 2025-11-14T12:55:31Z 2025-11-14T12:55:31Z jvoisin 2025-11-12T21:28:13Z urn:sha1:bf242b15e1f7873bdb940c2441b5e57747bc2f81 2025-10-31T21:16:21Z jvoisin 2025-10-31T14:55:01Z urn:sha1:4a26785c0cab4686e5825fe5f5e921d12e7142b7 Co-Authored-By: Sertonix <sertonix@posteo.net> 2025-10-31T21:16:21Z Daniel Kolesa 2022-10-25T22:30:00Z urn:sha1:f46714c2f9eb13c12c8218f1b7c045182041fdc9 Co-Authored-By: jvoisin <julien.voisin@dustri.org> 2025-10-31T21:16:21Z Daniel Kolesa 2022-11-01T19:14:54Z urn:sha1:8915dc13de44fed3a076a9fd51eb1ab2b5502d7b It seems useless and triggers 'error: expected external declaration' 2025-10-31T21:16:21Z jvoisin 2023-03-18T13:01:02Z urn:sha1:249492e08adbf034976770ab3b021ba093a2ab18 GCC and Clang provide __builtin_dynamic_object_size (see documentation: https://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html), so we should make use of it when its available. 2019-03-13T17:47:50Z info@mobile-stream.com 2019-03-13T12:55:48Z urn:sha1:9e65ae387cb7dc955042a1c98c4e8448b01e172c First, we should never check the size of __s if __l == 0 since the array is not going to be modified in that case. Second, negative __l is a well-defined error case (EINVAL) and we should never trap on a conforming code like this: r = getgroups(-1, NULL); if (r == -1) ... An example of non-desired behaviour for negative __l is the gnulib configure script which checks for getgroups(-1, ...) to catch some ancient FreeBSD kernel bug. The conftest binary traps even on good system (e.g. linux/musl) and the unnecessary getgroups wrapper is enforced for any project that uses gnulib. This patch also changes the size_t cast to avoid the explicit zero extension on systems where size_t differs from unsigned int. 2018-07-24T10:00:30Z A. Wilcox 2018-06-23T22:57:48Z urn:sha1:a9ffac8596b094da8563aa5dd5d81c946670afe5 A few important notes: * __extension__ is a GNU C "alternate" keyword, not a C++ keyword.[1] * __extension__ is designed to work on "expressions"; it does work on #include_next in C mode, but it has no effect in C++ mode; the warning will still appear, if enabled, even with __extension__ preceding #include_next. This is because #include_next is not considered an expression in C++, so the compiler attaches __extension__ to the first expression of the header. All of this leads us to a build failure while building at least all Mozilla software. Moz has an alternate -isystem dir searched before /usr/include that overrides some headers, including <features.h>. The first statement in each of these headers is a #pragma, and since __extension__ is looking for an expression, and #pragma is a "null" expression, we end up with the following error: dist/system_wrappers/features.h:1:9: error: '#pragma' is not allowed here Since __extension__ has no effect on #include_next in C++ mode anyway, and since it can cause breakage, this commit omits __extension__ in C++ mode. [1]: https://gcc.gnu.org/onlinedocs/gcc-6.4.0/gcc/Alternate-Keywords.html 2016-09-10T11:54:17Z sin 2016-09-10T11:54:06Z urn:sha1:2bc423c355a992fea2f95724235898218575c95e 2015-07-15T15:05:52Z sin 2015-07-15T15:05:52Z urn:sha1:a51406af124e712bc943b29c73fdf219e003ffaa Do not crash unless the overflow would actually happen. 2015-06-25T09:18:26Z Steven Barth 2015-06-24T18:13:37Z urn:sha1:7fd984fcb532be01f68cddc194c09a7ca10c1ea6 Signed-off-by: Steven Barth <steven@midlink.org>