[PATCH v2] Updates for stricter automatic memcpy bounds checking
Jouni Malinen
j
Mon Apr 13 11:02:09 PDT 2015
On Sun, Apr 12, 2015 at 01:20:26PM -0700, Nick Kralevich wrote:
> Both Android's libc and glibc support _FORTIFY_SOURCE, a compiler
> and libc feature which inserts automatic bounds checking into
> common C functions such as memcpy() and strcpy(). If a buffer
> overflow occurs when calling a hardened libc function, the
> automatic bounds checking will safely shutdown the program and
> prevent memory corruption.
>
> Android is experimenting with _FORTIFY_SOURCE=3, a new fortify
> level which enhances memcpy() to prevent overflowing an element
> of a struct. Under the enhancements, code such as
...
Thanks, applied.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list