It also doesn’t deliver what it promises, as it doesn’t discuss the cost well. The only thing it states is that it increases code size, but it doesn’t given give numbers, and the header “The gains of improved security coverage outweigh the cost” doesn’t describe its content, which says:
“We need a proper study of performance and code size to understand the magnitude of the impact created by _FORTIFY_SOURCE=3 additional runtime code generation. However the performance and code size overhead may well be worth it due to the magnitude of improvement in security coverage.”
“We need a proper study of performance and code size to understand the magnitude of the impact created by _FORTIFY_SOURCE=3 additional runtime code generation. However the performance and code size overhead may well be worth it due to the magnitude of improvement in security coverage.”