M0M0F3IK
commented
3 weeks ago I would prefer CMake as our build generator, so we can deploy our game on multiple platforms.
Link to CMake Docs: https://cmake.org/cmake/help/latest/guide/tutorial/
Open M0M0F3IK opened 3 weeks ago
M0M0F3IK
commented
3 weeks ago I would prefer CMake as our build generator, so we can deploy our game on multiple platforms.
Link to CMake Docs: https://cmake.org/cmake/help/latest/guide/tutorial/
zn2plusc
commented
3 weeks ago This CMake configuration is well-structured, with a focus on security and modern C++ practices. We will use it as a base model to build upon.
cmake_minimum_required(VERSION 3.15) # Set to the minimum version required for your project
project(SecureProject VERSION 1.0 LANGUAGES CXX)
# Set C++ Standard
set(CMAKE_CXX_STANDARD 17) # Update based on your needs (17, 20, etc.)
set(CMAKE_CXX_STANDARD_REQUIRED ON)
set(CMAKE_CXX_EXTENSIONS OFF)
# Force Debug and Release builds to have different options
set(CMAKE_CONFIGURATION_TYPES "Debug;Release" CACHE STRING "Configurations" FORCE)
# Output directories
set(CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/bin)
set(CMAKE_ARCHIVE_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib)
set(CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/lib)
# Enable all compiler warnings (adjust based on your compiler)
if(CMAKE_CXX_COMPILER_ID MATCHES "GNU|Clang")
add_compile_options(
-Wall # All warnings
-Wextra # Extra warnings
-Wpedantic # Enforce ISO C++ standard
-Wconversion # Warn on type conversions
-Wshadow # Warn on variable shadowing
-Wformat=2 # Format string checks
-Werror # Treat warnings as errors
)
elseif(MSVC)
add_compile_options(
/W4 # High warning level
/WX # Treat warnings as errors
)
endif()
# Add security and sanitizers (GNU/Clang only)
if(CMAKE_CXX_COMPILER_ID MATCHES "GNU|Clang")
# Memory safety checks with sanitizers
set(SANITIZER_OPTIONS "-fsanitize=address,undefined")
if(CMAKE_BUILD_TYPE STREQUAL "Debug")
add_compile_options(${SANITIZER_OPTIONS})
add_link_options(${SANITIZER_OPTIONS})
endif()
# Enable stack protection
add_compile_options(-fstack-protector-strong)
# Enable control flow integrity (if supported by compiler)
include(CheckCXXCompilerFlag)
check_cxx_compiler_flag("-fsanitize=cfi" HAS_CFI_FLAG)
if(HAS_CFI_FLAG)
add_compile_options(-fsanitize=cfi -flto)
add_link_options(-fsanitize=cfi -flto)
endif()
endif()
# Disable some insecure functions (POSIX only)
if(UNIX)
add_definitions(-D_FORTIFY_SOURCE=2) # Buffer overflow protection
endif()
# Link-time optimization
if(NOT CMAKE_BUILD_TYPE MATCHES "Debug")
set(CMAKE_INTERPROCEDURAL_OPTIMIZATION TRUE)
endif()
# Disallow in-source builds
if("${CMAKE_SOURCE_DIR}" STREQUAL "${CMAKE_BINARY_DIR}")
message(FATAL_ERROR "In-source builds are not allowed. Please create a separate build directory.")
endif()
# Define targets
add_executable(SecureExecutable main.cpp) # Replace main.cpp with your source file(s)
# Set up secure RPATH and Runpath handling
set_target_properties(SecureExecutable PROPERTIES
BUILD_WITH_INSTALL_RPATH FALSE
INSTALL_RPATH_USE_LINK_PATH TRUE
INSTALL_RPATH "$ORIGIN"
)
# Harden executable (e.g., disabling executable stacks if supported)
if(CMAKE_SYSTEM_NAME MATCHES "Linux" AND CMAKE_CXX_COMPILER_ID MATCHES "GNU|Clang")
add_link_options(-z noexecstack -z relro -z now)
endif()
# Install rules (if installing is part of the process)
install(TARGETS SecureExecutable DESTINATION bin)Good! Later on I would add an for-each loop, so we dont have to add each include-file and executable manually
Code Base Development
(Assignees: @M0M0F3IK ) Development of a dynamic CodeBase/GameEngine to create a scalable game and avoid editing the codebase in case of implementing a new feature.
Questions: