[cfe-dev] How clang compares with gcc on security hardening ?

Reid Kleckner via cfe-dev cfe-dev at lists.llvm.org
Tue Feb 19 15:34:11 PST 2019


On Tue, Feb 19, 2019 at 3:15 PM James Y Knight <jyknight at google.com> wrote:

> If someone wishes to contribute support to glibc to better support these
> fortifications with clang, it should be pretty easy. Simply look at how
> FORTIFY_SOURCE is implemented in the Bionic libc, and do something similar
> to that (with appropriate ifdeffery, because that version is not going to
> work in GCC).
>

It is unfortunate, however, that the two communities haven't settled on an
agreeable set of extensions to implement this feature. I can understand why
glibc wouldn't want a second parallel implementation with its own set of
bugs requiring its own tests. Getting this right really requires someone
who cares about it enough to get involved in all of the relevant projects
here: glibc, clang, gcc, and maybe even bionic. That sounds like a lot of
work, so I understand why it hasn't been done.