This article describes the steps required to add buffer overflow protection to string functions. As a real-world example, we use the
strlcpy function, which is implemented in the libbsd library on some GNU/Linux systems.
This kind of buffer overflow protection uses a GNU Compiler Collection (GCC) feature for array size tracking (“source fortification”), accessed through the
__builtin_object_size GCC built-in function. In general, these checks are added in a size-checking wrapper function around the original (wrapped) function, which is
strlcpy in our example.
Continue reading “Adding buffer overflow detection to string functions”