blhc generates the following warnings because all hardening flags are missing:
- CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security): gcc -g -O2 -o test test.c
+ CFLAGS missing (-fstack-protector-strong -Wformat -Werror=format-security): gcc -g -O2 -o test test.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -g -O2 -o test test.c
LDFLAGS missing (-Wl,-z,relro): gcc -g -O2 -o test test.c
dpkg-buildpackage: ...
If it's not present no compiler commands are detected. In case you don't use
-dpkp-buildpackage but still want to check a build log, adding it as first line
+dpkg-buildpackage but still want to check a build log, adding it as first line
should work fine.
To prevent false positives when checking debug builds, compiler lines
blhc is licensed under GPL version 3 or later.
-Copyright (C) 2012-2015 Simon Ruderich
+Copyright (C) 2012-2021 Simon Ruderich
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+// vim: ft=asciidoc