This page documents the Ubuntu-specific default compiler flags in the toolchain. Based on the work from GccSsp, [:Security/HardeningWrapper], and DistCompiler. Please attempt to fix a source package's problems before disabling a given compiler feature.
First enabled in Ubuntu 6.10. See GccSsp for further details. Most problems are related to packages that do not use stdlib directly (kernel modules, certain libraries, etc).
'__stack_chk_fail' symbol not found
- Indicates a program was compiled to expect to have the stdlib available, but did not.
*** stack smashing detected *** Aborted
- A function did not correctly maintain its stack variables. Usually indicates a stack buffer overflow.
Disabled with -fno-stack-protector or -nostdlib in CPPFLAGS.
First enabled in Ubuntu 8.10. See [:Security/FortifySource] for further details. Most problems are related to common unsafe uses of certain libc functions.
error: ignoring return value of 'int system(const char*)', declared with attribute warn_unused_result
The return value from system() functions should be evaluated and handled appropriately.
error: call to '__open_missing_mode' declared with attribute error: open with O_CREAT in second argument needs 3 arguments
When using open() with O_CREAT, best-practice is to define a valid mode argument.
warning: call to ‘__read_chk_warn’ declared with attribute warning: read called with bigger length than size of the destination buffer
The call to read() was done into a buffer with the wrong size. Double-check the size argument and the buffer size.
warning: passing argument 1 of 'memcpy' discards qualifiers from pointer target type warning: passing argument 1 of 'strcpy' discards qualifiers from pointer target type
Code compiled with -Werror and using memcpy/strcpy/etc with qualifier overrides will fail. This is a bug in glibc 2.7. See [https://launchpad.net/bugs/217481].
*** %n in writable segment detected *** Aborted
Use of "%n" in a format string is limited to read-only memory (not stack or heap allocated strings).
*** buffer overflow detected *** Aborted
A call to sprintf should be changed to use snprintf, or a too-small buffer was read into (see read() warnings above).
Reduced checking via -D_FORTIFY_SOURCE=1 in CPPFLAGS. Disabled with -U_FORTIFY_SOURCE or -D_FORTIFY_SOURCE=0 in CPPFLAGS.
First enabled in Ubuntu 8.10. These options should only cause build failures if the package is compiling with -Werror.
warning: format not a string literal and no format arguments
This is caused by code that forgot to use "%s" for a *printf function. For example:
Disabled with -Wno-format-security or -Wformat=0 in CPPFLAGS.
First enabled in Ubuntu 8.10. This option paves the way for using -z now to further harden long-running programs like daemons.
No known failure examples.
Disabled with -Wl,-z,norelro in LDFLAGS.