X-Git-Url: https://ruderich.org/simon/gitweb/?p=blhc%2Fblhc.git;a=blobdiff_plain;f=README;h=b60004cc9a7c8f41fd17b25ce4fd710f90ff4ddc;hp=a3d22ce4a6bb5dca587f8f425a7ad722ce661a2a;hb=c2874d0d8e4579450add73e804f400fdd7f2f456;hpb=7d9ae6314e499d9e76bc32a0e1c4a5686bb59158 diff --git a/README b/README index a3d22ce..b60004c 100644 --- a/README +++ b/README @@ -67,7 +67,7 @@ Consider the following compiler line: blhc generates the following warnings because all hardening flags are missing: - CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security): gcc -g -O2 -o test test.c + CFLAGS missing (-fstack-protector-strong -Wformat -Werror=format-security): gcc -g -O2 -o test test.c CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -g -O2 -o test test.c LDFLAGS missing (-Wl,-z,relro): gcc -g -O2 -o test test.c @@ -120,7 +120,7 @@ real compile process (output of dpkg-buildpackage): dpkg-buildpackage: ... If it's not present no compiler commands are detected. In case you don't use -dpkp-buildpackage but still want to check a build log, adding it as first line +dpkg-buildpackage but still want to check a build log, adding it as first line should work fine. To prevent false positives when checking debug builds, compiler lines @@ -174,7 +174,7 @@ LICENSE blhc is licensed under GPL version 3 or later. -Copyright (C) 2012-2015 Simon Ruderich +Copyright (C) 2012-2020 Simon Ruderich This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -188,3 +188,5 @@ GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . + +// vim: ft=asciidoc