From: Paul Eggert Date: Sat, 8 Apr 2023 20:51:26 +0000 (-0700) Subject: manual: update AddressSanitizer discussion X-Git-Tag: glibc-2.38~389 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=54ae6d81c94364c1e13a5b8baef52b9e3475fedd;p=thirdparty%2Fglibc.git manual: update AddressSanitizer discussion * manual/string.texi (Truncating Strings): Update obsolescent reference and use the more-generic term “AddressSanitizer”. Mention fortification, too. -fcheck-pointer-bounds is no longer supported. --- diff --git a/manual/string.texi b/manual/string.texi index 57b804c1df8..ad572652748 100644 --- a/manual/string.texi +++ b/manual/string.texi @@ -1088,11 +1088,10 @@ name, a truncated name can identify the wrong user. Although some buffer overruns can be prevented by manually replacing calls to copying functions with calls to truncation functions, there -are often easier and safer automatic techniques that cause buffer -overruns to reliably terminate a program, such as GCC's -@option{-fcheck-pointer-bounds} and @option{-fsanitize=address} -options. @xref{Debugging Options,, Options for Debugging Your Program -or GCC, gcc, Using GCC}. Because truncation functions can mask +are often easier and safer automatic techniques, such as fortification +(@pxref{Source Fortification}) and AddressSanitizer +(@pxref{Instrumentation Options,, Program Instrumentation Options, gcc, Using GCC}). +Because truncation functions can mask application bugs that would otherwise be caught by the automatic techniques, these functions should be used only when the application's underlying logic requires truncation.