doc: allow for _FORTIFY_SOURCE = 3

Problem reported by Basil L. Contovounesios in:
https://lists.gnu.org/r/bug-gnulib/2025-10/msg00068.html

diff --git a/doc/gnulib-readme.texi b/doc/gnulib-readme.texi
index 051babc5162ebd272647bcbc0def0c4a967e1609..495b7359e37f77fe06de21f31c575a31e323448b 100644 (file)
--- a/doc/gnulib-readme.texi
+++ b/doc/gnulib-readme.texi
@@ -672,7 +672,7 @@ options appropriate for your compiler.  For example:
 ./configure \
  CPPFLAGS='-Wall'\
  CFLAGS='-g3 -O2'\
-' -D_FORTIFY_SOURCE=2'\
+' -D_FORTIFY_SOURCE=3'\
 ' -fsanitize=undefined'\
 ' -fsanitize-undefined-trap-on-error'
 @end example
@@ -682,7 +682,7 @@ Here:
 
 @itemize @bullet
 @item
-@code{-D_FORTIFY_SOURCE=2} enables extra security hardening checks in
+@code{-D_FORTIFY_SOURCE=3} enables extra security hardening checks in
 the GNU C library.
 @item
 @code{-fsanitize=undefined} enables GCC's undefined behavior sanitizer

diff --git a/doc/posix-functions/longjmp.texi b/doc/posix-functions/longjmp.texi
index 8860133b6b0996cde7fd62616342353a749899cc..a78f6a3f71268ee046d3abf140365aa776e7f7b0 100644 (file)
--- a/doc/posix-functions/longjmp.texi
+++ b/doc/posix-functions/longjmp.texi
@@ -24,7 +24,7 @@ you need to clear the @code{SS_ONSTACK} flag in the @code{stack_t}
 structure managed by the kernel.
 @item
 This function may crash when the invoker code was compiled with option
-@code{-D_FORTIFY_SOURCE=2},
+@code{_FORTIFY_SOURCE >= 2}
 @c https://sourceware.org/PR32522
 on Hurd.
 @end itemize

diff --git a/lib/vasnprintf.c b/lib/vasnprintf.c
index 614da3187c36cf70a0587579082f0aa7c2bbae1b..5ca73e92a7b3027bff5efebe78b346b01c936828 100644 (file)
--- a/lib/vasnprintf.c
+++ b/lib/vasnprintf.c
@@ -6959,7 +6959,7 @@ VASNPRINTF (DCHAR_T *resultbuf, size_t *lengthp,
                 /* The following platforms forbid %n:
                      - On glibc2 systems from 2004-10-18 or newer, the use of
                        %n in format strings in writable memory may crash the
-                       program (if compiled with _FORTIFY_SOURCE=2).
+                       program (if compiled with _FORTIFY_SOURCE >= 2).
                      - On macOS 10.13 or newer, the use of %n in format
                        strings in writable memory by default crashes the
                        program.

diff --git a/m4/printf.m4 b/m4/printf.m4
index 3aadf99c5bfb3a6a66fb886b722c42ff73dae346..ccd856fc1aa67598c699e6106abfe24319af1b4a 100644 (file)
--- a/m4/printf.m4
+++ b/m4/printf.m4
@@ -937,7 +937,7 @@ int main ()
   _CrtSetReportMode (_CRT_ASSERT, 0);
 #endif
   signal (SIGABRT, abort_handler);
-  /* Copy the format string.  Some systems (glibc with _FORTIFY_SOURCE=2)
+  /* Copy the format string.  Some systems (glibc with _FORTIFY_SOURCE >= 2)
      support %n in format strings in read-only memory but not in writable
      memory.  */
   strcpy (fmtstring, "%d %n");
@@ -1849,7 +1849,7 @@ int main ()
 {
   int count = -1;
   signal (SIGABRT, abort_handler);
-  /* Copy the format string.  Some systems (glibc with _FORTIFY_SOURCE=2)
+  /* Copy the format string.  Some systems (glibc with _FORTIFY_SOURCE >= 2)
      support %n in format strings in read-only memory but not in writable
      memory.  */
   strcpy (fmtstring, "%d %n");

diff --git a/tests/test-sigsegv-catch-stackoverflow1.c b/tests/test-sigsegv-catch-stackoverflow1.c
index a37912f3dd565c190916fd01b99df7d1ddf132db..d2d15b9899c7550bb265fcb129da91deaa9e8038 100644 (file)
--- a/tests/test-sigsegv-catch-stackoverflow1.c
+++ b/tests/test-sigsegv-catch-stackoverflow1.c
@@ -18,7 +18,7 @@
 
 #include <config.h>
 
-/* On GNU/Hurd, when compiling with -D_FORTIFY_SOURCE=2, avoid an error
+/* On GNU/Hurd, when compiling with _FORTIFY_SOURCE >= 2, avoid an error
    "*** longjmp causes uninitialized stack frame ***: terminated".
    Cf. <https://sourceware.org/PR32522>  */
 #ifdef __gnu_hurd__

diff --git a/tests/test-sigsegv-catch-stackoverflow2.c b/tests/test-sigsegv-catch-stackoverflow2.c
index 8d10ebeefa280e0c28cfe1502384d74186ff9548..830fca04c79c0368715f8a7306bc7138ccc076c7 100644 (file)
--- a/tests/test-sigsegv-catch-stackoverflow2.c
+++ b/tests/test-sigsegv-catch-stackoverflow2.c
@@ -18,7 +18,7 @@
 
 #include <config.h>
 
-/* On GNU/Hurd, when compiling with -D_FORTIFY_SOURCE=2, avoid an error
+/* On GNU/Hurd, when compiling with _FORTIFY_SOURCE >= 2, avoid an error
    "*** longjmp causes uninitialized stack frame ***: terminated".
    Cf. <https://sourceware.org/PR32522>  */
 #ifdef __gnu_hurd__