This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH 1/5] __fdelt_chk: Removed range check
- From: KOSAKI Motohiro <kosaki dot motohiro at gmail dot com>
- To: Allan McRae <allan at archlinux dot org>
- Cc: Andreas Jaeger <aj at suse dot com>, libc-alpha <libc-alpha at sourceware dot org>
- Date: Fri, 3 May 2013 18:49:14 -0400
- Subject: Re: [PATCH 1/5] __fdelt_chk: Removed range check
- References: <CAHGf_=qewv9SqnjRei0NXuODc_ZW0erm5JkBb1r6T+kgGkuK=w at mail dot gmail dot com> <51843C3D dot 7010701 at archlinux dot org>
>> 1. If we disable __fdelt_chk and distro doesn't rebuild any packages.
>> -> it works. but the packages are no longer protected by FORTIFY
>> until rebuilt.
>>
>> 4. If we don't disable __fdelt_chk and distro rebuild cherry
>> picked packages.
>> -> It works. Affected softwares are expected less than twenty.
>> However the remained problem is, nobody know full lists
>> of affected packages. And third party software which doesn't
>> built still may crash.
>>
>> Practically, only (1) and (4) are an option. There are no free lunch either.
>> Thus, I'd like to ask distro developers.
>
> From that, I'd say the (1) is the only option - although it is still not
> ideal... In all other cases, package built against prior glibc may
> crash and that is not acceptable.
Your opinion matches to me. However, I'd like hear other distro's opinion too.
I'll wait couple of days for that.
Thanks.