mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-25 20:19:18 -05:00
gnu: fortify-headers: Use @code mark-up.
* gnu/packages/suckless.scm (fortify-headers)[description]: Use @code.
This commit is contained in:
parent
fea8b72989
commit
ef27b4345f
1 changed files with 4 additions and 4 deletions
|
@ -586,16 +586,16 @@ (define-public fortify-headers
|
|||
"This is a standalone implementation of fortify source. It provides
|
||||
compile time buffer checks. It is libc-agnostic and simply overlays the
|
||||
system headers by using the @code{#include_next} extension found in GCC. It was
|
||||
initially intended to be used on musl based Linux distributions.
|
||||
initially intended to be used on musl-based Linux distributions.
|
||||
|
||||
@itemize
|
||||
@item It is portable, works on *BSD, Linux, Solaris and possibly others.
|
||||
@item It will only trap non-conformant programs. This means that fortify
|
||||
level 2 is treated in the same way as level 1.
|
||||
@item Avoids making function calls when undefined behaviour has already been
|
||||
invoked. This is handled by using __builtin_trap().
|
||||
@item Support for out-of-bounds read interfaces, such as send(), write(),
|
||||
fwrite() etc.
|
||||
invoked. This is handled by using @code{__builtin_trap()}.
|
||||
@item Support for out-of-bounds read interfaces, such as @code{send()},
|
||||
@code{write()}, @code{fwrite()}, etc.
|
||||
@item No ABI is enforced. All of the fortify check functions are inlined
|
||||
into the resulting binary.
|
||||
@end itemize\n")
|
||||
|
|
Loading…
Reference in a new issue