fortify-headers

standalone fortify-source implementation
git clone git://git.2f30.org/fortify-headers
Log | Files | Refs | README | LICENSE

README.md (2197B)

      1 # What is it?
      2 
      3 This is a [standalone implementation](https://git.2f30.org/fortify-headers/) of
      4 [fortify source]( http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html )
      5 level 3, providing compile time security checks. It is libc-agnostic and simply
      6 overlays the system headers by using the
      7 [`#include_next`](https://gcc.gnu.org/onlinedocs/cpp/Wrapper-Headers.html)
      8 extension found in GCC, and [black
      9 magic](https://github.com/jvoisin/fortify-headers/commit/fe149628eaae9748be08815d726cc56e8e492c73)
     10 on Clang. It was initially intended to be used on
     11 [musl](http://www.musl-libc.org/) based Linux
     12 distributions like [Alpine Linux](https://alpinelinux.org),
     13 [Chimera Linux](https://chimera-linux.org/).
     14 
     15 
     16 # Features
     17 
     18 - It is portable, works on *BSD, Linux, Solaris and possibly others.
     19 - It will only trap non-conformant programs. This means that fortify
     20   level 2 is treated in the same way as level 1.
     21 - Avoids making function calls when undefined behaviour has already been
     22   invoked. This is handled by using `__builtin_trap()`.
     23 - Support for out-of-bounds read interfaces, such as send(), write(), fwrite() etc.
     24 - No ABI is enforced. All of the fortify check functions are inlined
     25   into the resulting binary.
     26 - It has a comprehensive suite of
     27   tests, running on multiple versions of Clang and GCC,
     28   as well as on C89, C99, C11 and C17.
     29 
     30 
     31 # Sample usage
     32 
     33 If you want to quickly test it, you can try something like the following:
     34 
     35 ```
     36 cat > fgets.c <<EOF
     37 #include <stdio.h>
     38 int
     39 main(void)
     40 {
     41 	char buf[BUFSIZ];
     42 	fgets(buf, sizeof(buf) + 1, stdin);
     43 	return 0;
     44 }
     45 EOF
     46 cc -I<path-to-fortify-include-dir> -D_FORTIFY_SOURCE=3 -O1 fgets.c
     47 ./a.out
     48 ```
     49 
     50 At this point, the program will safely crash.
     51 
     52 
     53 Supported interfaces
     54 ====================
     55 
     56 FD_CLR
     57 FD_SET
     58 bcopy
     59 bzero
     60 confstr
     61 fgets
     62 fgetws
     63 fread
     64 fwrite
     65 getcwd
     66 getdomainname
     67 getgroups
     68 gethostname
     69 getlogin_r
     70 mbsnrtowcs
     71 mbsrtowcs
     72 mbstowcs
     73 memcpy
     74 memmove
     75 mempcpy
     76 memset
     77 poll
     78 ppoll
     79 pread
     80 read
     81 readlink
     82 readlinkat
     83 realpath
     84 recv
     85 recvfrom
     86 send
     87 sendto
     88 snprintf
     89 sprintf
     90 stpcpy
     91 stpncpy
     92 strcat
     93 strcpy
     94 strlcat
     95 strlcpy
     96 strncat
     97 strncpy
     98 ttyname_r
     99 vsnprintf
    100 vsprintf
    101 wcrtomb
    102 wcscat
    103 wcscpy
    104 wcsncat
    105 wcsncpy
    106 wcsnrtombs
    107 wcsrtombs
    108 wcstombs
    109 wmemcpy
    110 wmemmove
    111 wmemset
    112 write