| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2024-05-26 | Add vasprintf/asprintf2.3 | jvoisin | |
| The only hardening being done here is to set the char** parameter to thos functions to NULL in case of an error, to prevent it from being used should people forget to check return values. This is already done on some BSD, as well as in Rocky Linux. | |||
| 2023-12-15 | Rename some macros to be more namespace-friendly | q66 | |
| 2023-12-15 | Guard some conditional stdio APIs with the right macros | q66 | |
| Fixes https://github.com/jvoisin/fortify-headers/issues/34 | |||
| 2023-12-15 | Remove superfluous includes | jvoisin | |
| This should fix #32 | |||
| 2023-12-06 | Work around an erroneous `-Wformat-nonliteral` bug in gcc | jvoisin | |
| See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110834 Reported-by: ksperling-apple | |||
| 2023-10-01 | Add vfprintf` | jvoisin | |
| 2023-10-01 | Add `fprintf` | jvoisin | |
| 2023-09-30 | Add `vprintf` | jvoisin | |
| 2023-09-29 | Make use of the native _chk variants for real | jvoisin | |
| 2023-09-28 | Add `printf` hardening | jvoisin | |
| 2023-09-27 | Add support for more builtin compiler provided _chk variants | jvoisin | |
| 2023-09-27 | Add an option to make use of compiler-provided _chk builtins | jvoisin | |
| 2023-09-22 | Add more __diagnose_as_builtin annotations | jvoisin | |
| 2023-09-21 | Properly enable diagnose_as_builtin attribute | jvoisin | |
| 2023-08-22 | Clean up some includes | jvoisin | |
| - Remove a superfluous `#if defined(__has_builtin)` since it's already accounted for in include/fortify-headers.h - Replace `_FORTIFY_FD_POS0` with the already existing `_FORTIFY_POS0` - Factorise some duplicate code into a macro | |||
| 2023-08-20 | Add more __access annotations in stdio.h | jvoisin | |
| 2023-08-20 | Add two __format annotations | jvoisin | |
| 2023-08-20 | Make use of __diagnose_as_builtin | jvoisin | |
| 2023-08-20 | Fix clang build | jvoisin | |
| - s/CLFAGS/CFLAGS/ - provide paths to local includes - sprinkle more __pass_object_size__ - remove a problematic test | |||
| 2023-07-09 | Add some malloc annotations | jvoisin | |
| 2023-07-09 | Add some `format` annotations | jvoisin | |
| 2023-07-09 | Improve a bit `size_t*size_t` overflow checks | jvoisin | |
| 2023-06-27 | Add more access-annotations | jvoisin | |
| 2023-06-25 | add initial clang support | Daniel Kolesa | |
| 2023-06-25 | avoid __extension__ with clang | Daniel Kolesa | |
| It seems useless and triggers 'error: expected external declaration' | |||
| 2023-06-22 | Add an annotation for fgets | jvoisin | |
| 2023-04-13 | Make use of __builtin_dynamic_object_size | jvoisin | |
| GCC and Clang provide __builtin_dynamic_object_size (see documentation: https://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html), so we should make use of it when its available. | |||
| 2018-07-24 | Don't use __extension__ in C++ code | A. Wilcox | |
| A few important notes: * __extension__ is a GNU C "alternate" keyword, not a C++ keyword.[1] * __extension__ is designed to work on "expressions"; it does work on #include_next in C mode, but it has no effect in C++ mode; the warning will still appear, if enabled, even with __extension__ preceding #include_next. This is because #include_next is not considered an expression in C++, so the compiler attaches __extension__ to the first expression of the header. All of this leads us to a build failure while building at least all Mozilla software. Moz has an alternate -isystem dir searched before /usr/include that overrides some headers, including <features.h>. The first statement in each of these headers is a #pragma, and since __extension__ is looking for an expression, and #pragma is a "null" expression, we end up with the following error: dist/system_wrappers/features.h:1:9: error: '#pragma' is not allowed here Since __extension__ has no effect on #include_next in C++ mode anyway, and since it can cause breakage, this commit omits __extension__ in C++ mode. [1]: https://gcc.gnu.org/onlinedocs/gcc-6.4.0/gcc/Alternate-Keywords.html | |||
| 2016-09-10 | Bump copyright year | sin | |
| 2015-06-25 | Add __extension__ mark to include_next to silence -pedantic | Steven Barth | |
| Signed-off-by: Steven Barth <steven@midlink.org> | |||
| 2015-06-03 | Use namespace-safe macro, param and variable names | Trutz Behn | |
| 2015-05-13 | Add LICENSE header | sin | |
| 2015-05-13 | Add fortify_fn() helper in fortify-headers.h | sin | |
| 2015-03-14 | Use __typeof__ to in part avoid replicating function types | Trutz Behn | |
| 2015-03-14 | Fix typo in attribute name | Trutz Behn | |
| 2015-03-14 | Add __artificial__ to aid in debugging | sin | |
| 2015-03-13 | Restore C++ support | sin | |
| 2015-03-13 | Implement snprintf() and sprintf() using __builtin_va_arg_pack() | sin | |
| Requires at least GCC 4.3. | |||
| 2015-03-13 | Re-order vsnprintf() and vsprintf() | sin | |
| vsprintf() needs to access __vsnprintf_orig(). | |||
| 2015-03-13 | Fix typo | sin | |
| 2015-03-13 | Rework fortify implementation to use extern inline | sin | |
| Overriding functions with macros is legal in C but a lot of software is not prepared for it. Use the extern inline method to achieve the same result. | |||
| 2015-03-11 | Put include guards in the reserved namespace | Trutz Behn | |
| fortify-headers is considered part of the implementation. | |||
| 2015-03-11 | Ignore C++ for now | sin | |
| It is not legal to override standard functions using macros in C++. We may have to revisit this in the future. | |||
| 2015-03-11 | Add ifdef guards for C++ code | sin | |
| 2015-03-03 | Fix signed/unsigned warning | sin | |
| 2015-03-03 | Remove gcc attribute decoration | sin | |
| 2015-03-03 | Don't trap on error for vsprintf() and friends | sin | |
| 2015-03-01 | Add fwrite() check | sin | |
| 2015-03-01 | Add fread() check | sin | |
| 2015-03-01 | Add vsprintf() check | sin | |
 |
index : fortify-headers | |
| Standalone portable header-based implementation of FORTIFY_SOURCE=3 |
| summaryrefslogtreecommitdiff |