blob: a3bac565b09939b1ae10bc63bcb6e096e8ac7dbb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
From: Benjamin Barenblat <bbaren@mit.edu>
Subject: Remove build flags which impede hardening
Forwarded: no
Vanilla urweb builds with -Wno-format-security and -U_FORTIFY_SOURCE.
Apparently, upstream added the former to cope with difficulties building on
OS X [1] and the latter to improve performance [2].
[1] http://hg.impredicative.com/urweb/rev/3d0cc841cafd
[2] http://hg.impredicative.com/urweb/rev/126d24ef6678
--- a/src/c/Makefile.am
+++ b/src/c/Makefile.am
@@ -7,7 +7,7 @@ liburweb_fastcgi_la_SOURCES = fastcgi.c
liburweb_static_la_SOURCES = static.c
AM_CPPFLAGS = -I$(srcdir)/../../include/urweb $(OPENSSL_INCLUDES) $(ICU_INCLUDES)
-AM_CFLAGS = -Wall -Wunused-parameter -Werror -Wno-format-security -Wno-deprecated-declarations -U_FORTIFY_SOURCE $(PTHREAD_CFLAGS)
+AM_CFLAGS = -Wall -Wunused-parameter -Werror -Wno-deprecated-declarations $(PTHREAD_CFLAGS)
liburweb_la_LDFLAGS = $(AM_LDFLAGS) $(OPENSSL_LDFLAGS) \
-export-symbols-regex '^(client_pruner|pthread_create_big|strcmp_nullsafe|uw_.*)' \
-version-info 1:0:0
|
