[Bug 294881] test failures with FORTIFY_SOURCE=2

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 30 Apr 2026 01:53:23 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=294881

--- Comment #2 from Kyle Evans <kevans@freebsd.org> ---
Hmm, I have mixed feelings here.  These are all good examples of things
designed to take a buffer size and it's not unreasonable for us to let these
transgressions slide because the functions are designed accordingly, on paper,
to handle these situations.  However, the flip side of that:

  1. We're triggering because we *do* know the buffer size, and we know that
they're trying to exceed that.  How do you tell the difference between a
logical error, and someone maybe trying to do something malicious?

  2. Following the latter part of that question, if they *are* trying to do
something malicious, is it better to err on the side of caution or to rely on
the fact that we're testing the correct handling of this scenario?

My first instinct is to err on the side of caution and assume that the
implementation could be flawed, disable FORTIFY_SOURCE (or at least these
specific fortified shims) for these tests so that we have coverage for the
scenario that the size is wrong, but still crash out at runtime.

-- 
You are receiving this mail because:
You are the assignee for the bug.
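The mechanism the comment above turns on, as an added illustration (not FreeBSD's libc or ssp headers, and not code from the bug's test suite): a fortified shim trips when the caller-supplied size is larger than what the compiler knows about the destination object via __builtin_object_size(), which is the primitive FORTIFY_SOURCE implementations are built on. Everything here is constructed: the toy strlcpy, the shim, and the three call sites. The shim reports a status instead of calling the real abort path so the three outcomes can be observed: an honest size passes, a deliberately oversized size on a known-size local array trips before any copy happens (even though the source would have fit, which is exactly the "correct on paper" case), and a size the compiler cannot see (pointer parameter, object size unknown) is forwarded unchecked.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Constructed status code: returned instead of calling __chk_fail()/abort()
 * so the shim's decision can be observed and asserted on. */
enum fortify_status { FORTIFY_OK = 0, FORTIFY_VIOLATION = 1 };

/* Minimal strlcpy so the example builds on libcs that lack one. */
static size_t
toy_strlcpy(char *dst, const char *src, size_t dstsize)
{
    size_t srclen = strlen(src);

    if (dstsize != 0) {
        size_t n = srclen < dstsize - 1 ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Toy shim. `bos` is what the compiler knows about dst at the call site;
 * (size_t)-1 means "unknown". The fortified check is just: the caller
 * claims a size larger than the object the compiler can see. */
static size_t
fortified_strlcpy_impl(char *dst, const char *src, size_t dstsize,
    size_t bos, enum fortify_status *st)
{
    if (bos != (size_t)-1 && dstsize > bos) {
        *st = FORTIFY_VIOLATION;
        return 0;               /* a real shim never returns from here */
    }
    *st = FORTIFY_OK;
    return toy_strlcpy(dst, src, dstsize);
}

/* Macro so __builtin_object_size() is evaluated at the caller, where the
 * destination may be a local array of known size. */
#define FORTIFIED_STRLCPY(dst, src, dstsize, st) \
    fortified_strlcpy_impl((dst), (src), (dstsize), \
        __builtin_object_size((dst), 0), (st))

/* Case 1: honest size; the shim passes the call through. */
int
check_correct_size(void)
{
    char buf[16];
    enum fortify_status st;
    size_t r = FORTIFIED_STRLCPY(buf, "hello", sizeof(buf), &st);

    return st == FORTIFY_OK && r == 5 && strcmp(buf, "hello") == 0;
}

/* Case 2: a test-style call that passes a size larger than the buffer and
 * relies on the function's own contract. The compiler knows buf is 16
 * bytes, so the shim trips before any byte is copied, although the 5-byte
 * source would have fit. */
int
check_oversized_trips(void)
{
    char buf[16];
    enum fortify_status st;

    (void)FORTIFIED_STRLCPY(buf, "hello", 64, &st);
    return st == FORTIFY_VIOLATION;
}

/* Case 3: destination reaches the shim through a pointer parameter, so
 * __builtin_object_size() yields (size_t)-1 and there is nothing to check
 * against. noinline keeps the optimizer from resolving dst to the caller's
 * array, which would turn this into case 2. */
static __attribute__((noinline)) int
copy_through_pointer(char *dst, size_t dstsize)
{
    enum fortify_status st;

    (void)FORTIFIED_STRLCPY(dst, "hello", dstsize, &st);
    return st == FORTIFY_OK && strcmp(dst, "hello") == 0;
}

int
check_unknown_size_passes(void)
{
    char buf[16];

    return copy_through_pointer(buf, 64);   /* same bogus 64, not caught */
}

int
main(void)
{
    printf("correct size passes:   %d\n", check_correct_size());
    printf("oversized size trips:  %d\n", check_oversized_trips());
    printf("unknown size passes:   %d\n", check_unknown_size_passes());
    return 0;
}
```

Case 3 is why a test that builds its arguments at runtime or passes buffers through helpers never sees the check, while the same call written directly on a local array does; the shim has no way to tell a deliberate "wrong size" test from a caller that is actually confused about its buffer, which is the distinction the comment is asking about.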