From: Simon Ruderich Date: Sun, 27 May 2012 20:42:17 +0000 (+0200) Subject: Fix --ignore-flag -D_FORTIFY_SOURCE=2. X-Git-Tag: 0.03~2 X-Git-Url: https://ruderich.org/simon/gitweb/?a=commitdiff_plain;h=3e7cbdd4d5a13ed64e957f1c89f106113a8f6a2c;p=blhc%2Fblhc.git Fix --ignore-flag -D_FORTIFY_SOURCE=2. --- diff --git a/bin/blhc b/bin/blhc index c3834fb..51fc4e1 100755 --- a/bin/blhc +++ b/bin/blhc @@ -172,6 +172,7 @@ my @def_cxxflags = ( my @def_cppflags = (); my @def_cppflags_fortify = ( '-D_FORTIFY_SOURCE=2', # must be first, see cppflags_fortify_broken() + # If you add another flag fix hack below (search for "Hack to fix"). ); my @def_cppflags_fortify_bad = ( # These flags may overwrite -D_FORTIFY_SOURCE=2. @@ -862,6 +863,13 @@ foreach my $file (@ARGV) { @ldflags = (@ldflags, @def_ldflags_bindnow); } + # Hack to fix cppflags_fortify_broken() if --ignore-flag + # -D_FORTIFY_SOURCE=2 is used to ignore missing fortification. Only works + # as long as @def_cppflags_fortify contains only one variable. + if (scalar @def_cppflags_fortify == 0) { + $harden_fortify = 0; + } + # Ignore flags for this arch if requested. if ($arch and exists $option_ignore_arch_flag{$arch}) { my @flag_refs = (\@cflags, \@cxxflags, \@cppflags, \@ldflags); diff --git a/t/tests.t b/t/tests.t index 1f68cd4..3bbd629 100644 --- a/t/tests.t +++ b/t/tests.t @@ -19,7 +19,7 @@ use strict; use warnings; -use Test::More tests => 192; +use Test::More tests => 194; sub is_blhc { @@ -519,6 +519,9 @@ CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=0 -g -O2 -fstack-p CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -D_FORTIFY_SOURCE=1 -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-f.c '; +is_blhc 'bad-cppflags', '--ignore-flag -D_FORTIFY_SOURCE=2', 0, + ''; + my $bad_ldflags = 'LDFLAGS missing (-Wl,-z,relro): gcc -o test test-a.o test-b.o test-c.o -ltest ';