perl.perl5.porters | Postings from December 2007

[PATCH] perltodo.pod: add -D_FORTIFY_SOURCE and -fstack-protector

Jarkko Hietaniemi
December 5, 2007 19:10
--- perl-5.9.x/pod/perltodo.pod.dist	2007-12-06 04:52:20.000000000 +0200
+++ perl-5.9.x/pod/perltodo.pod	2007-12-06 05:07:19.000000000 +0200
@@ -486,6 +486,14 @@
 Note, of course, that this will only tell whether B<your> platform
 is using those naughty interfaces.
+=head2 -D_FORTIFY_SOURCE=2, -fstack-protector
+Recent glibcs support <-D_FORTIFY_SOURCE=2> and recent gcc
+(4.1 onwards?) supports C<-fstack-protector>, both of which give
+protection against various kinds of buffer overflow problems.
+These should probably be used for compiling Perl whenever available,
+Configure and/or hints files should be adjusted to probe for the
+availability of these features and enable them as appropriate.
 =head1 Tasks that need a knowledge of XS
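Review bot: In the added paragraph, `<-D_FORTIFY_SOURCE=2>` is missing its formatting code letter, so POD will print the angle brackets literally; write `C<-D_FORTIFY_SOURCE=2>` to match `C<-fstack-protector>` in the same sentence. The sentence "These should probably be used for compiling Perl whenever available, Configure and/or hints files should be adjusted" is a comma splice and reads better as two sentences split after "available". The "(4.1 onwards?)" leaves the minimum gcc version as an open question in the documentation; since the item already asks for a Configure probe, it could say that the probe decides availability instead of guessing a version.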
@@ -638,7 +646,7 @@
 =head2 Organize error messages
 Perl's diagnostics (error messages, see L<perldiag>) could use
-reorganizing so that each error message has its
+reorganizing and formalizing  so that each error message has its
 stable-for-all-eternity unique id, categorized by severity, type, and
 subsystem.  (The error messages would be listed in a datafile outside
 of the Perl source code, and the source code would only refer to the
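Review bot: The changed line `reorganizing and formalizing  so that each error message has its` has two spaces before "so"; drop one. This hunk edits the "Organize error messages" item, which the subject line (about -D_FORTIFY_SOURCE and -fstack-protector) does not mention, so it would be cleaner as a separate patch or at least called out in the message.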
@@ -656,7 +664,7 @@
 This kind of functionality is known as I<message catalogs>.  Look for
 inspiration for example in the catgets() system, possibly even use it
 if available-- but B<only> if available, all platforms will B<not>
+have catgets().
 For the really pure at heart, consider extending this item to cover
 also the warning messages (see L<perllexwarn>, C<>).
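Review bot: The header `@@ -656,7 +664,7 @@` declares the same line count on both sides, but the only change shown is the added `have catgets().` with no removed line, so it is not clear what the old text was; if the removed line differed only in whitespace, say so in the message. While this paragraph is being touched, the trailing context line still carries an empty formatting code, `C<>`, after `L<perllexwarn>`, which looks like a lost argument and could be fixed in the same change. Like the previous hunk, this one is unrelated to the subject line.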
