Consider -Wstringop-overflow, -Wno-stringop-overread, and -Wno-stringop-truncation for C and C++ Compiler Hardening Guide #882

Open
@thomasnyman

The -Wstringop-overflow, -Wno-stringop-overread, and -Wno-stringop-truncation options warn for code that can be statically determined to cause buffer overflows or memory overruns, truncate the copied string or leave the destination unchanged.

-Wstringop-overflow, in particular, was briefly enabled in Linux 6.8 but ultimately disabled due to non-x86_64 build issues (without exact cause).

These options also benefit from GCC access attribute annotations which may make them worth considering.

Resources:

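How the GCC access attribute mentioned in the issue gives -Wstringop-overflow something to check in user-defined functions, as an added example that is not part of the original issue or of the hardening guide. The names `copy_label`, `label_fits`, `label_overflow` and the `ACCESS` macro are hypothetical, and the build line in the first comment is an assumption about how the file would be compiled.

```c
/* Added example. Assumed build: gcc -O2 -Wall -Wstringop-overflow -c example.c
 * Add -DDEMO_OVERFLOW to also compile the deliberately wrong caller. */
#include <stddef.h>
#include <string.h>

/* Use the access attribute only where the compiler supports it (GCC 10+). */
#if defined(__has_attribute)
#  if __has_attribute(access)
#    define ACCESS(mode, ptr, size) __attribute__((access(mode, ptr, size)))
#  endif
#endif
#ifndef ACCESS
#  define ACCESS(mode, ptr, size)
#endif

/* Hypothetical helper: copy src into dst (capacity dst_len), always
 * NUL-terminate, return 0 on success or -1 if src was truncated.
 * The annotation states that argument 1 is written for up to
 * argument 2 bytes, so callers can be checked against that contract. */
ACCESS(write_only, 1, 2)
int copy_label(char *dst, size_t dst_len, const char *src)
{
    if (dst_len == 0)
        return -1;
    size_t n = strlen(src);
    int truncated = n >= dst_len;
    if (truncated)
        n = dst_len - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return truncated ? -1 : 0;
}

/* Correct caller: the size argument matches the destination object. */
int label_fits(const char *src)
{
    char label[8];
    return copy_label(label, sizeof label, src) == 0;
}

#ifdef DEMO_OVERFLOW
/* Wrong caller: claims 32 writable bytes for an 8-byte object. With the
 * annotation above, this is the kind of call -Wstringop-overflow can flag
 * at compile time without looking inside copy_label. */
int label_overflow(const char *src)
{
    char label[8];
    return copy_label(label, 32, src) == 0;
}
#endif
```

The wrong caller is kept behind `DEMO_OVERFLOW` so the file builds cleanly by default, including under `-Werror`.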