Hi
Just migrating my programs to this environment
Ubuntu 24.04 with Gnucobol installed from Ubuntu repository
cobc (GnuCOBOL) 3.1.2.0
C version "13.2.0"
compilig programs i get this warning messages
<command-line>: warning: "_FORTIFY_SOURCE" redefined
<command-line>: note: this is the location of the previous definition
(i just opened another discussion for a strange problem, if you think my version is buggy i will download the last source from your site and i will compile it)
Thanks in advance for your support
Maurizio
Last edit: Simon Sobisch 2025-03-13
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
If this is the Ubuntu package, you should open a bug report with them, they should rebuild the package.
You can either use this "a bit outdated but still ok" version by adjusting the flags where you see the first one as environment variable, or sudo apt remove gnucobol && sudo apt autoremove and install GnuCOBOL (3.2 or 3.x nightly) from source, using one of --enable-hardening or --disable-hardening during configure .
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Anonymous
Anonymous
-
2025-03-20
Hi
I downloaded gnocobol 3,2.0 source, compile link install .. and the it give me no more warning messages.. I do not want to stole time to other people.. but for my knowledge ..
When gnucobol code needs FORTIFY_SOURCE ?
Thanks in advance
Maurizio
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
First: nice to see that the 3.2 install fixed this for you. As noted you can now explicit enable or disable hardening, coming to the answer "when does gnucobol needs it":
Short: it doesn't.
Long: it can be useful to ensure that only valid/reasonable data is used, mostly in the runtime but for several optimized MOVE or INITIALIZE statements (including the implied ones for initial state of variables) also can apply to generated COBOL modules.
If you know that your programs rely on out-of-bounds access (those need to be heavily verified manually for any conversion as they can be different between different compilers and/or architectures and/or libc versions) then you likely want to explicit disable this.
Otherwise it can be an additional security element for "safe COBOL", but on a "deeper level" than -fec=all (implied with --debug). It also will abort programs outside of generated runtime checks - saving some cpu cycles while keeping the most important features of them with a more "strange" message - but if you can reproduce this you can enable the generated runtime checks and get a nice COBOL message on a follow-up run (and, naturally, both options will also catch different kind of errors).
Hi
Just migrating my programs to this environment
Ubuntu 24.04 with Gnucobol installed from Ubuntu repository
cobc --infooutput is(i just opened another discussion for a strange problem, if you think my version is buggy i will download the last source from your site and i will compile it)
Thanks in advance for your support
Maurizio
Last edit: Simon Sobisch 2025-03-13
If this is the Ubuntu package, you should open a bug report with them, they should rebuild the package.
You can either use this "a bit outdated but still ok" version by adjusting the flags where you see the first one as environment variable, or
sudo apt remove gnucobol && sudo apt autoremoveand install GnuCOBOL (3.2 or 3.x nightly) from source, using one of--enable-hardeningor--disable-hardeningduring configure .Hi
I downloaded gnocobol 3,2.0 source, compile link install .. and the it give me no more warning messages.. I do not want to stole time to other people.. but for my knowledge ..
When gnucobol code needs FORTIFY_SOURCE ?
Thanks in advance
Maurizio
First: nice to see that the 3.2 install fixed this for you. As noted you can now explicit enable or disable hardening, coming to the answer "when does gnucobol needs it":
Short: it doesn't.
Long: it can be useful to ensure that only valid/reasonable data is used, mostly in the runtime but for several optimized
MOVEorINITIALIZEstatements (including the implied ones for initial state of variables) also can apply to generated COBOL modules.If you know that your programs rely on out-of-bounds access (those need to be heavily verified manually for any conversion as they can be different between different compilers and/or architectures and/or libc versions) then you likely want to explicit disable this.
Otherwise it can be an additional security element for "safe COBOL", but on a "deeper level" than
-fec=all(implied with--debug). It also will abort programs outside of generated runtime checks - saving some cpu cycles while keeping the most important features of them with a more "strange" message - but if you can reproduce this you can enable the generated runtime checks and get a nice COBOL message on a follow-up run (and, naturally, both options will also catch different kind of errors).See https://www.gnu.org/software/libc/manual/html_node/Source-Fortification.html for some more information (generated modules only call memcpy/memmove/memset from that list but the compiler and runtime use many of those functions).
BTW: If a post does not show after you posting it, it likely is because you're not logged in :-)
Last edit: Simon Sobisch 2025-03-20
Thanks Simon ,
my apologyzes.. i hit 3 times post button...