| Message ID | 1404105243-5071-4-git-send-email-bmarzins@redhat.com (mailing list archive) |
|---|---|
| State | Accepted, archived |
| Delegated to: | christophe varoqui |
| Headers | show |
Applied. Thanks. On Mon, Jun 30, 2014 at 7:13 AM, Benjamin Marzinski <bmarzins@redhat.com> wrote: > -Wformat-security warns about format-strigs that represent possible > security problems. This is check is now enabled for fedora builds, and it > seems like a reasonable thing to always be checking. > > Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com> > --- > Makefile.inc | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/Makefile.inc b/Makefile.inc > index 0669d32..1486721 100644 > --- a/Makefile.inc > +++ b/Makefile.inc > @@ -46,7 +46,7 @@ GZIP = gzip -9 -c > INSTALL_PROGRAM = install > > ifndef RPM_OPT_FLAGS > - RPM_OPT_FLAGS = -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 > -fexceptions -fstack-protector --param=ssp-buffer-size=4 > + RPM_OPT_FLAGS = -O2 -g -pipe -Wformat-security -Wall > -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong > --param=ssp-buffer-size=4 > endif > > OPTFLAGS = $(RPM_OPT_FLAGS) -Wunused -Wstrict-prototypes > -- > 1.8.3.1 > > -- dm-devel mailing list dm-devel@redhat.com https://www.redhat.com/mailman/listinfo/dm-devel
On 06/30/2014 07:13 AM, Benjamin Marzinski wrote: > -Wformat-security warns about format-strigs that represent possible > security problems. This is check is now enabled for fedora builds, and it > seems like a reasonable thing to always be checking. > > Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com> > --- > Makefile.inc | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/Makefile.inc b/Makefile.inc > index 0669d32..1486721 100644 > --- a/Makefile.inc > +++ b/Makefile.inc > @@ -46,7 +46,7 @@ GZIP = gzip -9 -c > INSTALL_PROGRAM = install > > ifndef RPM_OPT_FLAGS > - RPM_OPT_FLAGS = -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 > + RPM_OPT_FLAGS = -O2 -g -pipe -Wformat-security -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 > endif > > OPTFLAGS = $(RPM_OPT_FLAGS) -Wunused -Wstrict-prototypes > '-fstack-protector-strong' is not recognized on any of my gcc versions supplied by SUSE. Can we please revert it to the original '-fstack-protector'? '-Wformat-security' is okay, though. Cheers, Hannes
diff --git a/Makefile.inc b/Makefile.inc index 0669d32..1486721 100644 --- a/Makefile.inc +++ b/Makefile.inc @@ -46,7 +46,7 @@ GZIP = gzip -9 -c INSTALL_PROGRAM = install ifndef RPM_OPT_FLAGS - RPM_OPT_FLAGS = -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 + RPM_OPT_FLAGS = -O2 -g -pipe -Wformat-security -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 endif OPTFLAGS = $(RPM_OPT_FLAGS) -Wunused -Wstrict-prototypes
-Wformat-security warns about format-strigs that represent possible security problems. This is check is now enabled for fedora builds, and it seems like a reasonable thing to always be checking. Signed-off-by: Benjamin Marzinski <bmarzins@redhat.com> --- Makefile.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)