Next: , Previous: , Up: Library Maintenance   [Contents][Index]

D.2 Fortification of function calls

This section contains implementation details of the GNU C Library and may not remain stable across releases.

The _FORTIFY_SOURCE macro may be defined by users to control hardening of calls into some functions in the GNU C Library. The definition should be at the top of the source file before any headers are included or at the pre-processor commandline using the -D switch. The hardening primarily focuses on accesses to buffers passed to the functions but may also include checks for validity of other inputs to the functions.

When the _FORTIFY_SOURCE macro is defined, it enables code that validates inputs passed to some functions in the GNU C Library to determine if they are safe. If the compiler is unable to determine that the inputs to the function call are safe, the call may be replaced by a call to its hardened variant that does additional safety checks at runtime. Some hardened variants need the size of the buffer to perform access validation and this is provided by the __builtin_object_size or the __builtin_dynamic_object_size builtin functions. _FORTIFY_SOURCE also enables additional compile time diagnostics, such as unchecked return values from some functions, to encourage developers to add error checking for those functions.

At runtime, if any of those safety checks fail, the program will terminate with a SIGABRT signal. _FORTIFY_SOURCE may be defined to one of the following values:

In general, the fortified variants of the function calls use the name of the function with a __ prefix and a _chk suffix. There are some exceptions, e.g. the printf family of functions where, depending on the architecture, one may also see fortified variants have the _chkieee128 suffix or the __nldbl___ prefix to their names.

Another exception is the open family of functions, where their fortified replacements have the __ prefix and a _2 suffix. The FD_SET, FD_CLR and FD_ISSET macros use the __fdelt_chk function on fortification.

The following functions and macros are fortified in the GNU C Library:

Next: Symbol handling in the GNU C Library, Previous: Adding New Functions, Up: Library Maintenance   [Contents][Index]