diff options
author | Yann E. MORIN" <yann.morin.1998@anciens.enib.fr> | 2011-02-21 22:39:46 (GMT) |
---|---|---|
committer | Yann E. MORIN" <yann.morin.1998@anciens.enib.fr> | 2011-02-21 22:39:46 (GMT) |
commit | b93e67f07ca3cbca6fd3b35274208cb5dce7739e (patch) | |
tree | cf42d5b41b13e69cd46cab7a71a94819d8a150cb /scripts/build | |
parent | 6635f8cd2e6f54eb600bdb4e7413e5ae94d07e88 (diff) |
libc/glibc: add fortify option
By default, recent versions of glibc and eglibc will build some
functions that take format strings (eg. printf, syslog...) with
run-time checks against some format string attacks. This is
called a fortified build.
Unfortunately, this fails somehow while building the instrumented
version of syslog, with some kind of circular dependency...
Disable fortified builds by default, and hide the enabling option
behind EXPERIMENTAL for daring users...
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@anciens.enib.fr>
Diffstat (limited to 'scripts/build')
-rw-r--r-- | scripts/build/libc/glibc-eglibc.sh-common | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/scripts/build/libc/glibc-eglibc.sh-common b/scripts/build/libc/glibc-eglibc.sh-common index c03fa11..8ec8e8d 100644 --- a/scripts/build/libc/glibc-eglibc.sh-common +++ b/scripts/build/libc/glibc-eglibc.sh-common @@ -114,6 +114,7 @@ do_libc() { local extra_cc_args local -a extra_config local -a extra_make_args + local glibc_cflags CT_DoStep INFO "Installing C library" @@ -199,6 +200,12 @@ do_libc() { CT_DoLog DEBUG "Extra config args passed: '${extra_config[*]}'" CT_DoLog DEBUG "Extra CC args passed : '${extra_cc_args}'" + glibc_cflags="${CT_TARGET_CFLAGS} ${CT_LIBC_GLIBC_EXTRA_CFLAGS} ${OPTIMIZE}" + case "${CT_LIBC_ENABLE_FORTIFIED_BUILD}" in + y) ;; + *) glibc_cflags+=" -U_FORTIFY_SOURCE";; + esac + # ./configure is mislead by our tools override wrapper for bash # so just tell it where the real bash is _on_the_target_! # Notes: @@ -221,7 +228,7 @@ do_libc() { # Set BUILD_CC, or we won't be able to build datafiles BUILD_CC="${CT_BUILD}-gcc" \ - CFLAGS="${CT_TARGET_CFLAGS} ${CT_LIBC_GLIBC_EXTRA_CFLAGS} ${OPTIMIZE}" \ + CFLAGS="${glibc_cflags}" \ CC="${CT_TARGET}-gcc ${CT_LIBC_EXTRA_CC_ARGS} ${extra_cc_args}" \ AR=${CT_TARGET}-ar \ RANLIB=${CT_TARGET}-ranlib \ |