FORTIFY detection in musl binaries

Open nightah opened this issue 4 months ago • 0 comments

After some testing, it appears to me that musl binaries that are hardened with fortify-headers incorrectly show the FORTIFY field as No with v2.7.1 as documented here.

Having tested the same binaries with v3.x I can see a slightly different output, as below:

checksec file fgets
Warning: Dynamic Binary found but missing libc. Fortify results will be skipped

  _____ _    _ ______ _____ _  __ _____ ______ _____
 / ____| |  | |  ____/ ____| |/ // ____|  ____/ ____|
| |    | |__| | |__ | |    | ' /| (___ | |__ | |
| |    |  __  |  __|| |    |  <  \___ \|  __|| |
| |____| |  | | |___| |____| . \ ____) | |___| |____
 \_____|_|  |_|______\_____|_|\_\_____/|______\_____|

RELRO           Stack Canary      NX            PIE             RPATH      RUNPATH      Symbols         FORTIFY    Fortified   Fortifiable      Name
Full RELRO      No Canary Found   NX enabled    PIE Enabled     No RPATH   No RUNPATH   34 symbols      N/A         0           0                fgets

Would it be possible to get a static compiled binary so that checksec v3.x can be used in musl libc? If that was provided, would the above warning regarding Fortify results being skipped be suppressed, and the output actually work as expected based on the availability of /lib/ld-musl-x86_64.so.1, which the reported binaries are linked to?

Aug 28 '25 04:08 nightah