This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH 1/5] __fdelt_chk: Removed range check

From: KOSAKI Motohiro <kosaki dot motohiro at gmail dot com>
To: Allan McRae <allan at archlinux dot org>
Cc: Andreas Jaeger <aj at suse dot com>, libc-alpha <libc-alpha at sourceware dot org>
Date: Fri, 3 May 2013 18:49:14 -0400
Subject: Re: [PATCH 1/5] __fdelt_chk: Removed range check
References: <CAHGf_=qewv9SqnjRei0NXuODc_ZW0erm5JkBb1r6T+kgGkuK=w at mail dot gmail dot com> <51843C3D dot 7010701 at archlinux dot org>

>> 1. If we disable __fdelt_chk and distro doesn't rebuild any packages.
>>    -> it works. but the packages are no longer protected by FORTIFY
>>        until rebuilt.
>>
>> 4. If we don't disable __fdelt_chk and distro rebuild cherry
>>     picked packages.
>>     -> It works. Affected softwares are expected less than twenty.
>>         However the remained problem is, nobody know full lists
>>         of affected packages. And third party software which doesn't
>>         built still may crash.
>>
>> Practically, only (1) and (4) are an option. There are no free lunch either.
>> Thus, I'd like to ask distro developers.
>
> From that, I'd say the (1) is the only option - although it is still not
> ideal...  In all other cases, package built against prior glibc may
> crash and that is not acceptable.

Your opinion matches to me. However, I'd like hear other distro's opinion too.
I'll wait couple of days for that.

Thanks.

References:
- Re: [PATCH 1/5] __fdelt_chk: Removed range check
  - From: KOSAKI Motohiro
- Re: [PATCH 1/5] __fdelt_chk: Removed range check
  - From: Allan McRae

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]