[PATCH v2] Updates for stricter automatic memcpy bounds checking

Jouni Malinen j
Mon Apr 13 11:02:09 PDT 2015

On Sun, Apr 12, 2015 at 01:20:26PM -0700, Nick Kralevich wrote:
> Both Android's libc and glibc support _FORTIFY_SOURCE, a compiler
> and libc feature which inserts automatic bounds checking into
> common C functions such as memcpy() and strcpy(). If a buffer
> overflow occurs when calling a hardened libc function, the
> automatic bounds checking will safely shutdown the program and
> prevent memory corruption.
> Android is experimenting with _FORTIFY_SOURCE=3, a new fortify
> level which enhances memcpy() to prevent overflowing an element
> of a struct. Under the enhancements, code such as

Thanks, applied.

Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list