Support _FORTIFY_SOURCE=3
Recent versions of clang, gcc, and glibc support _FORTIFY_SOURCE=3
which adds support for tracking sizes of allocations at run time in a way that can be checked by memmove()
and friends. To make use of the new fortification level, allocation functions need attributes indicating which argument is the size (__alloc_size__
) and other functions need to tell the compiler which arguments are pointer, size pairs (__access__
). For more details see https://developers.redhat.com/articles/2023/02/06/how-improve-application-security-using-fortifysource3#