Skip to content

Commit 936d55d

Browse files
jvoisinjvoisin
committed
Update a bit the readme
1 parent 8f8e5c1 commit 936d55d

File tree

1 file changed

+8
-10
lines changed

1 file changed

+8
-10
lines changed

README.md

+8-10
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
# What is it?
22

33
This is a [standalone implementation](https://git.2f30.org/fortify-headers/) of
4-
[fortify source]( http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html ).
5-
It provides compile time buffer checks.
4+
[fortify source]( http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html )
5+
level 3, providing compile time security checks.
66
It is libc-agnostic and simply overlays the system headers by using the
77
[`#include_next`](https://gcc.gnu.org/onlinedocs/cpp/Wrapper-Headers.html)
88
extension found in GCC, and
@@ -11,17 +11,15 @@ on Clang. It was initially intended to be used on
1111
[musl](http://www.musl-libc.org/) based
1212
[Linux distributions](https://git.alpinelinux.org/aports/commit/?id=067a4f28825478911bb62be3b8da758d9722753e).
1313

14-
1514
# Features
1615

1716
- It is portable, works on *BSD, Linux, Solaris and possibly others.
18-
- It will only trap non-conformant programs. This means that fortify
17+
- It will only trap non-conformant programs. This means that fortify
1918
level 2 is treated in the same way as level 1.
2019
- Avoids making function calls when undefined behaviour has already been
21-
invoked. This is handled by using `__builtin_trap()`.
22-
- Support for out-of-bounds read interfaces, such as send(), write(),
23-
fwrite() etc.
24-
- No ABI is enforced. All of the fortify check functions are inlined
20+
invoked. This is handled by using `__builtin_trap()`.
21+
- Support for out-of-bounds read interfaces, such as send(), write(), fwrite() etc.
22+
- No ABI is enforced. All of the fortify check functions are inlined
2523
into the resulting binary.
2624
- It has a [comprehensive suite of tests](https://github.com/jvoisin/fortify-headers/tree/master/tests),
2725
running both on Clang and on GCC for every commit, with
@@ -48,11 +46,11 @@ main(void)
4846
return 0;
4947
}
5048
EOF
51-
cc -I<path-to-fortify-include-dir> -D_FORTIFY_SOURCE=1 -O1 fgets.c
49+
cc -I<path-to-fortify-include-dir> -D_FORTIFY_SOURCE=3 -O1 fgets.c
5250
./a.out
5351
```
5452

55-
At this point, the program will safely crash.
53+
At this point, the program will safely and loudly crash.
5654

5755

5856
# Supported interfaces

0 commit comments

Comments
 (0)