Open chrfranke opened 5 months ago
Hi Christian. Are you suggesting simply set _FORTIFY_SOURCE to 3 and change -g
to -ggdb
here in configure.ac?
That sounds fine and good to me, other than I'm not 100% sure the compiler must always be gcc, and if it were something else -ggdb
wouldn't be valid.
If downstream predefines certain *FLAGS, these should IMO always have preference.
Here a working example for configure.ac
which sets _FORTIFY_SOURCE=3
if not pre(un)defined. A full check, which also detects compiler presets (e.g. Ubuntu gcc), would require AC_COMPILE_IF_ELSE
.
case " $CPPFLAGS $CFLAGS $CXXFLAGS " in
*\ -[[DU]]_FORTIFY_SOURCE\ *|*\ -D_FORTIFY_SOURCE=*)
;; # _FORTIFY_SOURCE pre(un)defined (does not detect compiler presets)
*)
CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=3"
CXXFLAGS="$CXXFLAGS -D_FORTIFY_SOURCE=3" ;;
esac
Another recommended security flag is -fstack-protector-strong
(gcc >= 4.9). It is typically also preset on recent distributions.
At least in the ancient past (IIRC at least with the solaris compiler), even -Wall
was not portable. Here an example which sets -Wall
only for gcc/clang (GCC=yes
in configure) and also sets -Werror=return-type
for C++ only.
case "$GCC: $CFLAGS $CXXFLAGS " in
:*|*\ -W*)
;; # No gcc/clang used or -W option(s) are predefined
yes:*)
CFLAGS="$CFLAGS -Wall"
# Never ignore -Wreturn-type as g++ >= 8.0 assumes that control never
# reaches the end of a non-void function.
CXXFLAGS="$CXXFLAGS -Wall -Werror=return-type" ;;
esac
BTW, there is no need to set -g
because configure
already does this by default if the compiler supports it. It also adds -O2
for gcc/clang.
Could you provide a pull request?
Many recent distros provide GCC >= 12.0 which supports
__builtin_dynamic_object_size()
: https://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.htmlThis is used instead of
__builtin_object_size()
by newer CRT includes if_FORTIFY_SOURCE=3
is set.Compiler presets or packaging support tools now often default to
_FORTIFY_SOURCE=3
which would be downgraded by these lines ofconfigure.ac
:(A similar problem may be the
-g
which may override-ggdb
)