From: chrubis@suse.cz
To: Mike Frysinger <vapier@gentoo.org>
Cc: ltp-list@lists.sourceforge.net
Subject: Re: [LTP] RFC add _FORTIFY_SOURCE to default LTP CFLAGS
Date: Tue, 27 Aug 2013 13:04:34 +0200 [thread overview]
Message-ID: <20130827110434.GA10995@rei.Home> (raw)
In-Reply-To: <201308242143.45598.vapier@gentoo.org>
Hi!
> > Recently just another open(.., O_CREAT) without mode_t flags slipped in
> > the git, which would have been easily catched early by glibc
> > _FORTIFY_SOURCE feature. If _FORTIFY_SOURCE is set additional checks for
> > unused return values, buffer overflows etc. are done. Some distros eable
> > it even by default...
> >
> > Does anybody oposse against adding -D_FORTIFY_SOURCE=2 to the default
> > LTP CFLAGS?
>
> i have a hard time coming up with a scenario where having the flags enabled
> would cause a problem for us. i.e. trying to test C library behavior by
> violating fortify. if that does actually come up, we could just easily put at
> the top of the test:
> /* We actually want test verify XXX */
> #undef _FORTIFY_SOURCE
>
> Gentoo has had this enabled by default in the toolchain for years and don't
> recall running into a problem thus far.
>
> nit though: this should be CPPFLAGS, not CFLAGS.
Ok, CPPFLAGS is better. What would be the best place for it, I came up
with simple:
diff --git a/configure.ac b/configure.ac
index f0fc6b0..afc998c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -30,6 +30,8 @@ AC_PROG_YACC
AC_PREFIX_DEFAULT(/opt/ltp)
+CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=2"
+
AC_CHECK_HEADERS([ \
dmapi.h \
ifaddrs.h \
diff --git a/include/mk/config.mk.default b/include/mk/config.mk.default
index 953747c..dae9cb7 100644
--- a/include/mk/config.mk.default
+++ b/include/mk/config.mk.default
@@ -54,7 +54,7 @@ mandir := ${datarootdir}/man
RPMBUILD ?= rpmbuild
-CPPFLAGS :=
+CPPFLAGS := -D_FORTIFY_SOURCE=2
CFLAGS := -g -O2
LDLIBS :=
LDFLAGS :=
Which should IMHO work as having defined unrecognized macro should not
break anything, or is there a need how to test for _FORTIFY_SOURCE libc
support?
--
Cyril Hrubis
chrubis@suse.cz
------------------------------------------------------------------------------
Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
next prev parent reply other threads:[~2013-08-27 11:04 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-11 11:00 [LTP] RFC add _FORTIFY_SOURCE to default LTP CFLAGS chrubis
[not found] ` <201308242143.45598.vapier@gentoo.org>
2013-08-27 11:04 ` chrubis [this message]
[not found] ` <201308271218.22009.vapier@gentoo.org>
2013-08-28 11:56 ` chrubis
[not found] ` <201308281234.41447.vapier@gentoo.org>
2013-08-28 16:37 ` Mike Frysinger
2013-09-02 12:23 ` chrubis
2013-09-02 14:27 ` chrubis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130827110434.GA10995@rei.Home \
--to=chrubis@suse.cz \
--cc=ltp-list@lists.sourceforge.net \
--cc=vapier@gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.