https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65724
--- Comment #3 from Jakub Jelinek <jakub at gcc dot gnu.org> --- (In reply to xur from comment #2) > Do you mean the result of 0 in g++ is intentional? Yes. > But I'm not quite understand the relation with _FORTIFY_SOURCE=2. This > macro does not seem to be check in tree-objsz pass. > In other words, if I unset _FORTIFY_SOURCE or set it 1, I still get the > same result. With -D_FORTIFY_SOURCE=1, __builtin_object_size (ptr, 1) is never used in the C library headers, only __builtin_object_size (ptr, 0) for everything. In that case you are allowed to cross field boundaries not just with memcpy and the like, but also with strcpy etc. -D_FORTIFY_SOURCE=2 is a mode that rejects some valid C programs, simply imposes additional security related restrictions that str* etc. functions can't cross field boundaries, %n in *scanf family can't be used if the string literal isn't read only etc.
