[Olsr-dev] hardening 1by1: -Wformat -Wformat-security -Werror=format-security
Henning Rogge
(spam-protected)
Mon Oct 15 08:06:09 CEST 2012
Hi Hans,
would this patch okay from Debians point of view? I expect that the
Debian package is compiled without Debug symbols anyways.
The patch adds -O2 -D_FORTIFY_SOURCE=2 to any non-debug build, unless
the OPTIMIZE variable is already set.
diff --git a/Makefile.inc b/Makefile.inc
index 4275ad2..0f8c993 100644
--- a/Makefile.inc
+++ b/Makefile.inc
@@ -95,6 +95,7 @@ WARNINGS += -Wsequence-point
WARNINGS += -Wcast-align
WARNINGS += -Wformat-security
WARNINGS += -Wformat-y2k
+WARNINGS += -Werror=format-security
WARNINGS += -Winit-self
WARNINGS += -Wswitch-default
WARNINGS += -Wsync-nand
@@ -210,6 +211,9 @@ CPPFLAGS += -DDEBUG
CFLAGS += -ggdb
else
CPPFLAGS += -DNDEBUG
+ifeq ($(OPTIMIZE),)
+OPTIMIZE += -O2 -D_FORTIFY_SOURCE=2
+endif
endif
ifeq ($(NO_DEBUG_MESSAGES),1)
CPPFLAGS += -DNODEBUG
Henning Rogge
--
Diplom-Informatiker Henning Rogge , Fraunhofer-Institut für
Kommunikation, Informationsverarbeitung und Ergonomie FKIE
Kommunikationssysteme (KOM)
Fraunhofer Straße 20, 53343 Wachtberg, Germany
Telefon +49 228 9435-961, Fax +49 228 9435 685
mailto:(spam-protected) http://www.fkie.fraunhofer.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6169 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.olsr.org/pipermail/olsr-dev/attachments/20121015/d350655d/attachment.bin>
More information about the Olsr-dev
mailing list