rpms/samba
7
0
Fork 0
Code Issues Pull Requests Releases Activity
b939d51dfd
samba/samba-4.9.0rc5-stack-protector.patch
Andreas Schneider 748de698fb Update to version 4.9.0rc5
2018-09-06 13:27:39 +02:00

118 lines
4.5 KiB
Diff
Raw Blame History

From e2dd47233f467e2ab80564968be4af6da6505161 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 3 Sep 2018 10:35:08 +0200
Subject: [PATCH 1/2] waf: Check for -fstack-protect-strong support
The -fstack-protector* flags are compiler only flags, don't pass them to
the linker.
https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13601
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 38e97f8b52e85bdfcf2d74a4fb3c848fa46ba371)
---
buildtools/wafsamba/samba_autoconf.py | 36 ++++++++++++++-------------
1 file changed, 19 insertions(+), 17 deletions(-)
diff --git a/buildtools/wafsamba/samba_autoconf.py b/buildtools/wafsamba/samba_autoconf.py
index c4391d0c4dc..bfd6f9710db 100644
--- a/buildtools/wafsamba/samba_autoconf.py
+++ b/buildtools/wafsamba/samba_autoconf.py
@@ -674,23 +674,25 @@ def SAMBA_CONFIG_H(conf, path=None):
return
# we need to build real code that can't be optimized away to test
- if conf.check(fragment='''
- #include <stdio.h>
-
- int main(void)
- {
- char t[100000];
- while (fgets(t, sizeof(t), stdin));
- return 0;
- }
- ''',
- execute=0,
- ccflags='-fstack-protector',
- ldflags='-fstack-protector',
- mandatory=False,
- msg='Checking if toolchain accepts -fstack-protector'):
- conf.ADD_CFLAGS('-fstack-protector')
- conf.ADD_LDFLAGS('-fstack-protector')
+ stack_protect_list = ['-fstack-protector-strong', '-fstack-protector']
+ for stack_protect_flag in stack_protect_list:
+ flag_supported = conf.check(fragment='''
+ #include <stdio.h>
+
+ int main(void)
+ {
+ char t[100000];
+ while (fgets(t, sizeof(t), stdin));
+ return 0;
+ }
+ ''',
+ execute=0,
+ ccflags=[ '-Werror', '-Wp,-D_FORTIFY_SOURCE=2', stack_protect_flag],
+ mandatory=False,
+ msg='Checking if compiler accepts %s' % (stack_protect_flag))
+ if flag_supported:
+ conf.ADD_CFLAGS('-Wp,-D_FORTIFY_SOURCE=2 %s' % (stack_protect_flag))
+ break
if Options.options.debug:
conf.ADD_CFLAGS('-g', testflags=True)
--
2.18.0
From 09f3acb3497efb9ebb8a0d7d199726a8c318e4f8 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@samba.org>
Date: Mon, 3 Sep 2018 10:49:52 +0200
Subject: [PATCH 2/2] waf: Add -fstack-clash-protection
https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13601
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit fc4df251c88365142515a81bea1120b2b84cc4a0)
---
buildtools/wafsamba/samba_autoconf.py | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/buildtools/wafsamba/samba_autoconf.py b/buildtools/wafsamba/samba_autoconf.py
index bfd6f9710db..f2b3ec8db8d 100644
--- a/buildtools/wafsamba/samba_autoconf.py
+++ b/buildtools/wafsamba/samba_autoconf.py
@@ -694,6 +694,23 @@ def SAMBA_CONFIG_H(conf, path=None):
conf.ADD_CFLAGS('-Wp,-D_FORTIFY_SOURCE=2 %s' % (stack_protect_flag))
break
+ flag_supported = conf.check(fragment='''
+ #include <stdio.h>
+
+ int main(void)
+ {
+ char t[100000];
+ while (fgets(t, sizeof(t), stdin));
+ return 0;
+ }
+ ''',
+ execute=0,
+ ccflags=[ '-Werror', '-fstack-clash-protection'],
+ mandatory=False,
+ msg='Checking if compiler accepts -fstack-clash-protection')
+ if flag_supported:
+ conf.ADD_CFLAGS('-fstack-clash-protection')
+
if Options.options.debug:
conf.ADD_CFLAGS('-g', testflags=True)
--
2.18.0
Reference in New Issue View Git Blame Copy Permalink