# Build log hardening check, checks build logs for missing hardening flags.
-# Copyright (C) 2012-2013 Simon Ruderich
+# Copyright (C) 2012-2014 Simon Ruderich
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
use Getopt::Long ();
use Text::ParseWords ();
-our $VERSION = '0.04';
+our $VERSION = '0.05';
# CONSTANTS/VARIABLES
my @def_cppflags = ();
my @def_cppflags_fortify = (
'-D_FORTIFY_SOURCE=2', # must be first, see cppflags_fortify_broken()
- # If you add another flag fix hack below (search for "Hack to fix").
+ # If you add another flag fix hack below (search for "Hack to fix") and
+ # $def_cppflags_fortify[0].
);
my @def_cppflags_fortify_bad = (
# These flags may overwrite -D_FORTIFY_SOURCE=2.
}
if ($option_version) {
print <<"EOF";
-blhc $VERSION Copyright (C) 2012-2013 Simon Ruderich
+blhc $VERSION Copyright (C) 2012-2014 Simon Ruderich
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
$harden_stack = 0;
$harden_stack_strong = 0;
}
- if ($arch =~ /^(?:m68k|or1k|powerpcspe|sh4|x32)$/) {
- $harden_stack_strong = 0;
- }
if ($cpu =~ /^(?:ia64|hppa|avr32)$/) {
$harden_relro = 0;
$harden_bindnow = 0;
# for a debug build.
if (any_flags_used($line, @def_cflags_debug)) {
remove_flags([\@cflags], \%flag_renames, $def_cflags[1]);
+ remove_flags([\@cppflags], \%flag_renames, $def_cppflags_fortify[0]);
}
# Check hardening flags.
=head1 LICENSE AND COPYRIGHT
-Copyright (C) 2012-2013 by Simon Ruderich
+Copyright (C) 2012-2014 by Simon Ruderich
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by