Google Git
Sign in
fuchsia / third_party / github.com / stefanberger / swtpm / d57ee9a0f213c45597289b131d227691a658d53b
commitd57ee9a0f213c45597289b131d227691a658d53b[log] [tgz]
authorStefan Berger <stefanb@linux.ibm.com>Mon Apr 04 08:49:37 2022 -0400
committerStefan Berger <stefanb@us.ibm.com>Mon Apr 04 19:01:56 2022 -0400
tree4f289ae2cb7358fd58b3c968169f1f417eb63151
parent2214310d5beaf77a438a808b39402acdbf1a935e [diff]
build-sys: Fix configure script to support _FORTIFY_SOURCE=3

gcc 12.1 supports _FORTIFY_SOURCE=3. Modify the existing check for whether
_FORTIFY_SOURCE=2 can be used to test compile with the user provided
CFLAGS and only add _D_FORTIFY_SOURCE=2 to the HARDENING_CFLAGS if the
user doesn't provide anything that's not compatible.

Following an online article _FORTIFY_SOURCE=3 may add more overhead, so
we only go up to level 2 for now and let build servers or user provide
the higher level via the CFLAGS.

https://developers.redhat.com/blog/2021/04/16/broadening-compiler-checks-for-buffer-overflows-in-_fortify_source#what_s_next_for__fortify_source

Resolves: https://github.com/stefanberger/swtpm/issues/688
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
1 file changed
tree: 4f289ae2cb7358fd58b3c968169f1f417eb63151
  1. .github/
  2. debian/
  3. include/
  4. man/
  5. samples/
  6. src/
  7. tests/
  8. .gitignore
  9. .travis.yml
  10. autogen.sh
  11. CHANGES
  12. configure.ac
  13. COPYING
  14. DCO1.1.txt
  15. INSTALL
  16. LICENSE
  17. Makefile.am
  18. README
  19. run_tests
  20. swtpm.spec
  21. swtpm.spec.in
  22. TODO