projects
/
libjh.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
c5c8566
)
add -fstack-check and hardening
author
Jann Horn
<jann@thejh.net>
Tue, 9 Jun 2015 18:40:36 +0000
(20:40 +0200)
committer
Jann Horn
<jann@thejh.net>
Tue, 9 Jun 2015 18:40:36 +0000
(20:40 +0200)
compile.sh
patch
|
blob
|
history
diff --git
a/compile.sh
b/compile.sh
index
b8e658e
..
9375a67
100755
(executable)
--- a/
compile.sh
+++ b/
compile.sh
@@
-11,7
+11,8
@@
set -f -u -e -o pipefail
# flags for the build - adjust for your needs
# delete all the generated stuff afterwards (with `rm -r gen`)
CC='gcc'
# flags for the build - adjust for your needs
# delete all the generated stuff afterwards (with `rm -r gen`)
CC='gcc'
-CFLAGS='-O3 -Wall -Werror -Wno-error=strict-aliasing -fPIC -std=c99 -march=native'
+# -fstack-check isn't just hardening - we do unbounded stack allocations in TPRINTF!
+CFLAGS='-O3 -Wall -Werror -Wno-error=strict-aliasing -fPIC -std=c99 -march=native -fstack-check -fstack-protector-all -D_FORTIFY_SOURCE=2'
# create build environment if it doesn't exist yet
mkdir -p gen # contains all generated files
# create build environment if it doesn't exist yet
mkdir -p gen # contains all generated files