Task Todo List Prepare packages for -D_FORTIFY_SOURCE=3

Sept. 5, 2023 - kpcyrd

As specified in the RFC[1] we need to check packages that make use of `malloc_usable_size`:

> Some applications use malloc_usable_size (despite the glibc manual stating it is for diagnostic purposes only). This is currently incompatible with _FORTIFY_SOURCE=3, so these packages will need to continue using level 2 by modifying C{,XX}FLAGS in the PKGBUILD. A TODO list will be created for all such packages on adoption of this proposal.

This list was generated using a scanner[2] that runs `readelf -Ws <path>` on all ELF binaries and checks the output for mentions of `malloc_usable_size@GLIBC`.

A possible fix looks like this:
```
# this uses malloc_usable_size, which is incompatible with fortification level 3
export CFLAGS="${CFLAGS/_FORTIFY_SOURCE=3/_FORTIFY_SOURCE=2}"
export CXXFLAGS="${CXXFLAGS/_FORTIFY_SOURCE=3/_FORTIFY_SOURCE=2}"
```

[1]: https://gitlab.archlinux.org/archlinux/rfcs/-/blob/master/rfcs/0017-increase-fortification-level.rst
[2]: https://github.com/kpcyrd/archlinux-scan-malloc-usable-size
[3]: https://gitlab.archlinux.org/archlinux/devtools/-/merge_requests/191

Link to lists of pkgbase values:

Filter Todo List Packages

Select filter criteria
67 packages displayed out of 67 total packages.
Arch Repository Name Current Version Staging Version Maintainers Status Last Touched By
x86_64 Extra 0ad a26-18 svenstaro Complete kpcyrd
any Extra aarch64-linux-gnu-glibc 2.40-1 anatolik Complete kpcyrd
x86_64 Extra anura 4.0.2-2 svenstaro Complete kpcyrd
x86_64 Extra bcachefs-tools 3:1.13.0-1 freswa Complete kpcyrd
x86_64 Extra blender 17:4.3.0-2 svenstaro Complete kpcyrd
x86_64 Extra cardinal-clap 24.09-1 dvzrv Complete kpcyrd
x86_64 Extra cardinal-lv2 24.09-1 dvzrv Complete kpcyrd
x86_64 Extra cardinal-standalone 24.09-1 dvzrv Complete kpcyrd
x86_64 Extra cardinal-vst 24.09-1 dvzrv Complete kpcyrd
x86_64 Extra cardinal-vst3 24.09-1 dvzrv Complete kpcyrd
x86_64 Extra cuda-tools 12.6.3-1 svenstaro, Lahwaacz, kgizdov Complete kpcyrd
x86_64 Extra cuneiform Complete kpcyrd
x86_64 Extra deno 2.0.2-1 felixonmars Complete kpcyrd
x86_64 Extra dotnet-runtime 8.0.10.sdk110-1 alucryd Complete kpcyrd
x86_64 Extra dotnet-runtime-6.0 6.0.35.sdk135-1 alucryd Complete kpcyrd
x86_64 Extra dotnet-runtime-7.0 7.0.20.sdk120-1 alucryd Complete kpcyrd
x86_64 Extra dotnet-targeting-pack 8.0.10.sdk110-1 alucryd Complete kpcyrd
x86_64 Extra dotnet-targeting-pack-6.0 6.0.35.sdk135-1 alucryd Complete kpcyrd
x86_64 Extra dotnet-targeting-pack-7.0 7.0.20.sdk120-1 alucryd Complete kpcyrd
x86_64 Extra dovecot 2.3.21.1-1 demize, foxxx0 Complete blakkheim
x86_64 Extra emptyepsilon 2024.08.09-1 anthraxx Complete blakkheim
x86_64 Extra firefox 133.0-1 heftig Complete heftig
x86_64 Extra firefox-developer-edition 134.0b2-1 andrewSC Complete blakkheim
x86_64 Extra giac 1.9.0.996-3 arojas Complete kpcyrd
x86_64 Core glibc 2.40+r16+gaa533d58ff-2 grazzolini, freswa Complete freswa
x86_64 Extra gnustep-base 1.30.0-1 Complete kpcyrd
x86_64 Extra goxel 0.15.1-1 arodseth Complete arodseth
x86_64 Extra intel-oneapi-basekit 2024.1.0.596-3 2024.1.0.596-4 kgizdov, tpkessler Complete tpkessler
x86_64 Extra js102 heftig Complete heftig
x86_64 Extra js115 115.18.0-1 heftig Complete heftig
x86_64 Extra js91 91.13.0-2 heftig Complete heftig
x86_64 Core lib32-glibc 2.40+r16+gaa533d58ff-2 grazzolini, freswa Complete freswa
x86_64 Multilib lib32-nvidia-utils 565.57.01-1 svenstaro, felixonmars, dbermond Complete kpcyrd
x86_64 Multilib lib32-sqlite 3.46.1-1 lcarlier Complete kpcyrd
x86_64 Multilib lib32-systemd 256.8-1 eworm Complete eworm
x86_64 Extra libreoffice-fresh 24.8.3-1 andyrtr Complete andyrtr
x86_64 Extra libreoffice-still 24.2.7-2 andyrtr Complete kpcyrd
x86_64 Extra libtorrent-rasterbar 1:2.0.10-3 1:2.0.10-4 dbermond Complete kpcyrd
x86_64 Extra libwebsockets 4.3.3-1 jelle, dvzrv Complete kpcyrd
x86_64 Extra mariadb 11.6.2-2 eworm Complete eworm
x86_64 Extra mosquitto 2.0.18-3 jelle, grawlinson Complete kpcyrd
x86_64 Extra ncdu 2.7-1 anthraxx, daurnimator, Segaja Complete daurnimator
x86_64 Extra neovide 0.13.3-3 alerque Complete alerque
x86_64 Extra networkmanager 1.50.0-1 heftig Complete heftig
x86_64 Extra nodejs 23.1.0-1 felixonmars, polyzen Complete kpcyrd
x86_64 Extra nodejs-lts-iron 20.18.0-1 jelle Complete kpcyrd
x86_64 Extra nvidia-utils 565.57.01-2 svenstaro, felixonmars, dbermond, daurnimator, ptr1337 Complete kpcyrd
x86_64 Extra nvme-cli 2.11-1 Foxboron, coderobe Complete kpcyrd
x86_64 Extra openucx 1.17.0-3 Lahwaacz Complete kpcyrd
x86_64 Extra osquery 5.14.1-2 anatolik, carsme Complete kpcyrd
x86_64 Extra qbs 2.4.2-1 arojas Complete kpcyrd
x86_64 Extra qt5-webengine 5.15.18-5 felixonmars, arojas Complete kpcyrd
x86_64 KDE-Unstable qt6-webengine 6.8.0-8 arojas Complete kpcyrd
any Extra riscv64-linux-gnu-glibc 2.40-2 felixonmars, FFY00, kpcyrd Complete kpcyrd
x86_64 Extra river 0.3.5-2 andyrtr, daurnimator Complete daurnimator
x86_64 Extra ruby 3.3.5-2 bastelfreak, Segaja Complete kpcyrd
x86_64 Extra ruby2.7 2.7.8-1 Complete kpcyrd
x86_64 Extra singular 4.4.0.p7-1 arojas Complete kpcyrd
x86_64 Extra sqlcipher 4.6.0-1 jlichtblau Complete kpcyrd
x86_64 Core sqlite 3.47.1-1 andyrtr Complete blakkheim
x86_64 Core sqlite-analyzer 3.47.1-1 andyrtr Complete andyrtr
x86_64 Core systemd 256.8-2 eworm Complete eworm
x86_64 Core systemd-libs 256.8-2 eworm Complete kpcyrd
x86_64 Extra thunderbird 128.4.4-1 anthraxx, artafinde Complete artafinde
x86_64 Extra warzone2100 4.5.5-1 lcarlier Complete kpcyrd
x86_64 Extra waylock 1.3.0-1 dvzrv, daurnimator Complete kpcyrd
x86_64 Extra z3 4.13.0-2 4.13.0-3 anthraxx Complete kpcyrd