I can see posts as far back as 2010 that indicate Clang had support for FORTIFY_SOURCE, but I haven’t been able to find a commit to cite as the date when Clang got FORTIFY_SOURCE support. Could someone point me in the right direction on that?
(And as a lesser goal, perhaps when llvm-gcc obtained support for it?)
FORTIFY_SOURCE is the name of the library feature, not the compiler feature. The relevant compiler feature is __builtin_object_size; you should find lots of references to that in LLVM commit logs.
Thank you
GCC 12 made quite a bit of progress in that area:
The fortify thing was added in commit Add __builtin_object_size support. · llvm/llvm-project@b0d34c8 · GitHub, SVN revision 55735. That was back in 2008; the nearest version in time was 2.4.
Support for level 3 of _FORTIFY_SOURCE actually came in clang before it came in gcc. See RH’s 2021 article https://developers.redhat.com/blog/2021/04/16/broadening-compiler-checks-for-buffer-overflows-in-_fortify_source.