# C++
qw( hh H hp hxx hpp HPP h++ tcc ),
);
+# Object files.
+my @object = (
+ # Normal object files.
+ qw ( o ),
+ # Libtool object files.
+ qw ( lo la ),
+ # Dynamic libraries. bzip2 uses .sho.
+ qw ( so sho ),
+ # Static libraries.
+ qw ( a ),
+);
# Hashes for fast extensions lookup to check if a file falls in one of these
# categories.
@source_preprocess_compile_cpp,
@source_no_preprocess_compile_cpp,
);
+my %extensions_object = map { $_ => 1 } (
+ @object,
+);
my %extension = map { $_ => 1 } (
@source_no_preprocess,
@header_preprocess,
@source_preprocess,
+ @object,
);
# Regexp to match file extensions.
$preprocess = 1;
}
+ if (not $flag_preprocess) {
# If there are source files then it's compiling/linking in one step
# and we must check both. We only check for source files here, because
# header files cause too many false positives.
- if (not $flag_preprocess
- and extension_found(\%extensions_compile_link, @extensions)) {
+ if (extension_found(\%extensions_compile_link, @extensions)) {
# Assembly files don't need CFLAGS.
if (not extension_found(\%extensions_compile, @extensions)
and extension_found(\%extensions_no_compile, @extensions)) {
} else {
$compile = 1;
}
+ # No compilable extensions found, either linking or compiling
+ # header flags.
+ #
+ # If there are also no object files we are just compiling headers
+ # (.h -> .h.gch). Don't check for linker flags in this case. Due
+ # to our liberal checks for compiler lines, this also reduces the
+ # number of false positives considerably.
+ } elsif ($link
+ and not extension_found(\%extensions_object, @extensions)) {
+ $link = 0;
+ }
}
# Assume CXXFLAGS are required when a C++ file is specified in the
my $bad_ldflags =
'LDFLAGS missing (-Wl,-z,relro): gcc -o test test-a.o test-b.o test-c.o -ltest
+LDFLAGS missing (-Wl,-z,relro): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o
+LDFLAGS missing (-Wl,-z,relro): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o test.h
';
is_blhc 'bad-ldflags', '', 8,
$bad_ldflags;
CFLAGS missing (-fPIE): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-b.c
CFLAGS missing (-fPIE): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-c.c
LDFLAGS missing (-fPIE -pie -Wl,-z,relro): gcc -o test test-a.o test-b.o test-c.o -ltest
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o test.h
';
is_blhc 'bad-ldflags', '--bindnow', 8,
'LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc -o test test-a.o test-b.o test-c.o -ltest
+LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o
+LDFLAGS missing (-Wl,-z,relro -Wl,-z,now): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o test.h
';
is_blhc 'bad-ldflags', '--pie --bindnow', 8,
'CFLAGS missing (-fPIE): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-a.c
CFLAGS missing (-fPIE): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-b.c
CFLAGS missing (-fPIE): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Wformat-security -Werror=format-security -D_FORTIFY_SOURCE=2 -c test-c.c
LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): gcc -o test test-a.o test-b.o test-c.o -ltest
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): gcc -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security -D_FORTIFY_SOURCE=2 -o test test-a.o test-b.o test-c.o test.h
';
is_blhc 'bad-multiline', '', 8,
CFLAGS missing (-g -O2 -fPIE -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): /bin/bash ../libtool --tag=CC --mode=link gcc -Wl,-z,relro -o test.so test.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): /bin/bash ../libtool --tag=CC --mode=link gcc -Wl,-z,relro -o test.so test.c
LDFLAGS missing (-fPIE -pie -Wl,-z,now): /bin/bash ../libtool --tag=CC --mode=link gcc -Wl,-z,relro -o test.so test.c
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): /bin/sh ../libtool --mode=link gcc -Wl,-z,relro -o libtest.la test.h test-a.lo test-b.lo test-c.lo test-d.la
+LDFLAGS missing (-fPIE -pie -Wl,-z,now): /bin/sh ../libtool --mode=link gcc -Wl,-z,relro -o libtest.la test.h test-a.lo test-b.lo test-c.lo test-d.la
+CPPFLAGS missing (-D_FORTIFY_SOURCE=2): /bin/sh ../libtool --mode=link gcc -o libtest.la test.h test-a.lo test-b.lo test-c.lo test-d.la
+LDFLAGS missing (-fPIE -pie -Wl,-z,relro -Wl,-z,now): /bin/sh ../libtool --mode=link gcc -o libtest.la test.h test-a.lo test-b.lo test-c.lo test-d.la
';
ruderich.org/simon / blhc / blhc.git / commitdiff