[Olsr-dev] hardening 1by1: -Wformat -Wformat-security -Werror=format-security
Ferry Huberts
(spam-protected)
Mon Oct 15 16:52:22 CEST 2012
On 15-10-12 16:49, Hans of Guardian wrote:
>
> That seems backwards to me. I think "make" should give you a build
> with -O2. And "make DEBUG=1" would disable anything that gets in the
> way of debugging.
>
> "make" should produce a production build with all the flags that
> olsrd devs think any production build should include. It could
> include -g i.e. debug symbols since "make install" should strip
> them.
That's not how it's been done in olsrd since forever.
I'm not in favor of changing the make behavior so I think Henning's
proposal makes sense
>
> .hc
>
> On Oct 15, 2012, at 2:06 AM, Henning Rogge wrote:
>
>> Hi Hans,
>>
>> would this patch okay from Debians point of view? I expect that the
>> Debian package is compiled without Debug symbols anyways.
>>
>> The patch adds -O2 -D_FORTIFY_SOURCE=2 to any non-debug build,
>> unless the OPTIMIZE variable is already set.
>>
>>
>> diff --git a/Makefile.inc b/Makefile.inc index 4275ad2..0f8c993
>> 100644 --- a/Makefile.inc +++ b/Makefile.inc @@ -95,6 +95,7 @@
>> WARNINGS += -Wsequence-point WARNINGS += -Wcast-align WARNINGS
>> += -Wformat-security WARNINGS += -Wformat-y2k +WARNINGS +=
>> -Werror=format-security WARNINGS += -Winit-self WARNINGS +=
>> -Wswitch-default WARNINGS += -Wsync-nand @@ -210,6 +211,9 @@
>> CPPFLAGS += -DDEBUG CFLAGS += -ggdb else CPPFLAGS +=
>> -DNDEBUG +ifeq ($(OPTIMIZE),) +OPTIMIZE += -O2 -D_FORTIFY_SOURCE=2
>> +endif endif ifeq ($(NO_DEBUG_MESSAGES),1) CPPFLAGS +=
>> -DNODEBUG
>>
>> Henning Rogge
>>
>> -- Diplom-Informatiker Henning Rogge , Fraunhofer-Institut für
>> Kommunikation, Informationsverarbeitung und Ergonomie FKIE
>> Kommunikationssysteme (KOM) Fraunhofer Straße 20, 53343 Wachtberg,
>> Germany Telefon +49 228 9435-961, Fax +49 228 9435 685
>> mailto:(spam-protected)
>> http://www.fkie.fraunhofer.de
>>
>
>
--
Ferry Huberts
More information about the Olsr-dev
mailing list