Fortify Source patch issues.

robert baker robertmbaker at gmail.com
Wed May 5 18:12:10 PDT 2010


The gcc 4 fortify source patch currently referenced in Onward fails to
make -D_FORTIFY_SOURCE=2 the default unless -O or -Os or above is
passed to gcc. Fortify source is not enabled if -O0 is passed which
iirc is the default level. While reviewing older fortify source
patches I found -O was previously added to the default specs. After
adding it to the current patch fortify source was used by default as
expected.

The updated patch can be found here
http://www.linuxfromscratch.org/~rbaker/gcc-4.4.3-fortify_source.diff

I will continue testing with it before I make any changes to SVN to
reference it, but so far everything is looking good.

If anyone sees any problem with adding %{!O*:-O} to the specs file let me know.

RBaker



More information about the hlfs-dev mailing list