[Olsr-dev] hardening 1by1: -Wformat -Wformat-security -Werror=format-security
Ferry Huberts
(spam-protected)
Wed Oct 10 09:14:18 CEST 2012
On 05-10-12 23:34, Hans-Christoph Steiner wrote:
>
> As part of the effort to get the hardening flags that are default in
> Debian to be also default in olsrd, I'm submitting one email per concept
> so we can discuss them each.
>
> The first is "-Wformat -Wformat-security -Werror=format-security". This
> adds strict checks to *printf() formats, which are a common source of
> exploits. olsrd currently passes all of these checks.
If you'd bothered to check the makefile then you'd seen that these are
already there.
Only the latter (-Werror=format-security) is not there, which (IMHO) is
but a minor 'improvement'.
Please check before throwing stuff on the mailinglist and make _all_ of
us check. You're not building a reputation that we can trust your work
without checking it...
>
> This should be enabled on all platforms.
>
> Here's the Debian docs on the topic:
> http://wiki.debian.org/Hardening#DEB_BUILD_HARDENING_FORMAT_.28gcc.2BAC8-g.2B-.2B-_-Wformat_-Wformat-security_-Werror.3Dformat-security.29
>
> .hc
>
--
Ferry Huberts
More information about the Olsr-dev
mailing list