aboutsummaryrefslogtreecommitdiff
path: root/configure.ac
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@protonmail.com>2019-10-15 14:00:26 +0200
committerWladimir J. van der Laan <laanwj@protonmail.com>2019-10-15 14:00:32 +0200
commitee47461ea511827279b9b2803c2c4d251aa4c1d8 (patch)
tree6f278dfdaabeedec598c77cfef4d8fcb419dcc26 /configure.ac
parentb544eb6370f0b0b147e76d14c05e9f4a5c6d304f (diff)
parent44f7a8d7a774f82417106c452d793e6f091bc23e (diff)
Merge #17033: Disable _FORTIFY_SOURCE when enable-debug
44f7a8d7a774f82417106c452d793e6f091bc23e Disable _FORTIFY_SOURCE when enable-debug (Andrew Chow) Pull request description: The `_FORTIFY_SOURCE` macro is enabled by default when hardening is enabled, but it requires optimization in order to be used. Since we disable all optimization with `--enable-debug`, this macro doesn't actually do anything and instead just causes a lot of warnings to be printed. This PR explicitly disables `_FORTIFY_SOURCE` so that these useless warnings aren't printed. ACKs for top commit: laanwj: Thanks. ACK 44f7a8d7a774f82417106c452d793e6f091bc23e Tree-SHA512: e9302aef794dfd9ca9d0d032179ecc51d3212a9a0204454419f410011343b27c32e6be05f385051b5b594c607b91b8e0e588f644584d6684429a649a413077d9
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac15
1 files changed, 10 insertions, 5 deletions
diff --git a/configure.ac b/configure.ac
index d25e0f4496..715b65f091 100644
--- a/configure.ac
+++ b/configure.ac
@@ -753,12 +753,17 @@ if test x$use_hardening != xno; then
AX_CHECK_COMPILE_FLAG([-Wstack-protector],[HARDENED_CXXFLAGS="$HARDENED_CXXFLAGS -Wstack-protector"])
AX_CHECK_COMPILE_FLAG([-fstack-protector-all],[HARDENED_CXXFLAGS="$HARDENED_CXXFLAGS -fstack-protector-all"])
- AX_CHECK_PREPROC_FLAG([-D_FORTIFY_SOURCE=2],[
- AX_CHECK_PREPROC_FLAG([-U_FORTIFY_SOURCE],[
- HARDENED_CPPFLAGS="$HARDENED_CPPFLAGS -U_FORTIFY_SOURCE"
+ # When enable_debug is yes, all optimizations are disabled.
+ # However, FORTIFY_SOURCE requires that there is some level of optimization, otherwise it does nothing and just creates a compiler warning.
+ # Since FORTIFY_SOURCE is a no-op without optimizations, do not enable it when enable_debug is yes.
+ if test x$enable_debug != xyes; then
+ AX_CHECK_PREPROC_FLAG([-D_FORTIFY_SOURCE=2],[
+ AX_CHECK_PREPROC_FLAG([-U_FORTIFY_SOURCE],[
+ HARDENED_CPPFLAGS="$HARDENED_CPPFLAGS -U_FORTIFY_SOURCE"
+ ])
+ HARDENED_CPPFLAGS="$HARDENED_CPPFLAGS -D_FORTIFY_SOURCE=2"
])
- HARDENED_CPPFLAGS="$HARDENED_CPPFLAGS -D_FORTIFY_SOURCE=2"
- ])
+ fi
AX_CHECK_LINK_FLAG([[-Wl,--dynamicbase]], [HARDENED_LDFLAGS="$HARDENED_LDFLAGS -Wl,--dynamicbase"])
AX_CHECK_LINK_FLAG([[-Wl,--nxcompat]], [HARDENED_LDFLAGS="$HARDENED_LDFLAGS -Wl,--nxcompat"])