/usr/src/gcc-4.7/debian/patches/gcc-default-fortify-source.diff is in gcc-4.7-source 4.7.3-12ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 | # DP: Turn on -D_FORTIFY_SOURCE=2 by default for C, C++, ObjC, ObjC++,
# DP: if the optimization level is > 0
---
gcc/doc/invoke.texi | 6 ++++++
gcc/c-family/c-cppbuiltin.c | 3 +
2 files changed, 9 insertions(+), 0 deletions(-)
--- a/src/gcc/doc/invoke.texi
+++ b/src/gcc/doc/invoke.texi
@@ -5972,6 +5972,12 @@
Please note the warning under @option{-fgcse} about
invoking @option{-O2} on programs that use computed gotos.
+NOTE: In Ubuntu 8.10 and later versions, @option{-D_FORTIFY_SOURCE=2} is
+set by default, and is activated when @option{-O} is set to 2 or higher.
+This enables additional compile-time and run-time checks for several libc
+functions. To disable, specify either @option{-U_FORTIFY_SOURCE} or
+@option{-D_FORTIFY_SOURCE=0}.
+
@item -O3
@opindex O3
Optimize yet more. @option{-O3} turns on all optimizations specified
--- a/src/gcc/c-family/c-cppbuiltin.c
+++ b/src/gcc/c-family/c-cppbuiltin.c
@@ -731,6 +731,10 @@
builtin_define_with_value ("__REGISTER_PREFIX__", REGISTER_PREFIX, 0);
builtin_define_with_value ("__USER_LABEL_PREFIX__", user_label_prefix, 0);
+ /* Fortify Source enabled by default for optimization levels > 0 */
+ if (optimize)
+ builtin_define_with_int_value ("_FORTIFY_SOURCE", 2);
+
/* Misc. */
if (flag_gnu89_inline)
cpp_define (pfile, "__GNUC_GNU_INLINE__");
|