fortify source works for strcat, but not for strcpy

Lasse Kliemann lasse-hlfs-2008 at
Tue Apr 29 07:20:27 PDT 2008

I have a setup where fortify source works well for strcat but not for strcpy, 
unless precisely -Os is used for optimization; all other levels of 
optimization do not work. My setup is constructed mainly using current 
development LFS with additions taken from current HLFS. In particular I use 
glibc 2.7, binutils 2.18, and gcc 4.1.2 The applied patches are:
[ I left out all other binutils patches, since they did not apply cleanly on 
  2.18; many of them were detected as being already applied. ]

All tests concerning stack protection work, and fortify source works for 
strcat. However, like I wrote, fortify source refuses to work with strcpy 
unless -Os is used. Example program:

#include <string.h>
int main()
 char buf[2];
 return 0;

Compiling that with

  gcc -fno-stack-protector -O2

gives no warning. I can run the program; it will not be aborted. If using

  gcc -fno-stack-protector -Os

I get the expected compile-time warning

  /usr/include/bits/string3.h: In function 'main':
  /usr/include/bits/string3.h:145: warning: call to __builtin___strcat_chk will always overflow destination buffer

and the program is aborted on run-time.

Maybe someone can give me a hint were to start looking?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: not available
URL: <>

More information about the hlfs-dev mailing list