changeset
Enable the GCC Stack-Smashing Protection functionality (-fstack-protector-all)
Thu, 06 Sep 2012 05:30:17 +0100
- author
- Daniel Atallah <datallah@pidgin.im>
- date
- Thu, 06 Sep 2012 05:30:17 +0100
- branch
- release-2.x.y
- changeset 33366
- 75dbccde9fc7
- parent 33365
- 3d82cc32b7a2
- child 33367
- 36b1f6ba0564
Enable the GCC Stack-Smashing Protection functionality (-fstack-protector-all)
Thanks again to Jacob Appelbaum for pointing at his pidgin-otr patch.
Fixes #15290
--- a/Makefile.mingw Thu Sep 06 04:38:07 2012 +0100 +++ b/Makefile.mingw Thu Sep 06 05:30:17 2012 +0100 @@ -55,6 +55,7 @@ libplc4.dll \ libplds4.dll \ libsasl.dll \ + libssp-0.dll \ libxml2-2.dll \ nss3.dll \ nssckbi.dll \ @@ -99,6 +100,7 @@ cp $(ENCHANT_TOP)/bin/libenchant.dll $(PIDGIN_INSTALL_DIR)/spellcheck cp -R $(ENCHANT_TOP)/lib/enchant/*.dll $(PIDGIN_INSTALL_DIR)/spellcheck/lib/enchant cp $(WIN32_DEV_TOP)/pidgin-inst-deps-20100315/exchndl.dll $(PIDGIN_INSTALL_DIR) + cp $(GCC_SSP_TOP)/bin/libssp-0.dll $(PIDGIN_INSTALL_DIR) pidgin/win32/nsis/gtk-runtime-$(GTK_BUNDLE_VERSION).zip: pidgin/win32/nsis/generate_gtk_zip.sh `pwd`
--- a/libpurple/win32/global.mak Thu Sep 06 04:38:07 2012 +0100 +++ b/libpurple/win32/global.mak Thu Sep 06 05:30:17 2012 +0100 @@ -22,6 +22,7 @@ SILC_TOOLKIT ?= $(WIN32_DEV_TOP)/silc-toolkit-1.1.10 TCL_LIB_TOP ?= $(WIN32_DEV_TOP)/tcl-8.4.5 GSTREAMER_TOP ?= $(WIN32_DEV_TOP)/gstreamer-0.10.13 +GCC_SSP_TOP ?= $(WIN32_DEV_TOP)/gcc-core-4.4.0-mingw32-dll # Where we installing this stuff to? PIDGIN_INSTALL_DIR := $(PIDGIN_TREE_TOP)/win32-install-dir @@ -57,7 +58,7 @@ GCCWARNINGS ?= -Waggregate-return -Wcast-align -Wdeclaration-after-statement -Werror-implicit-function-declaration -Wextra -Wno-sign-compare -Wno-unused-parameter -Winit-self -Wmissing-declarations -Wmissing-prototypes -Wnested-externs -Wpointer-arith -Wundef -CC_HARDENING_OPTIONS ?= -Wstack-protector -fwrapv -fno-strict-overflow -Wno-missing-field-initializers -Wformat-security +CC_HARDENING_OPTIONS ?= -Wstack-protector -fwrapv -fno-strict-overflow -Wno-missing-field-initializers -Wformat-security -fstack-protector-all --param ssp-buffer-size=1 LD_HARDENING_OPTIONS ?= -Wl,--dynamicbase -Wl,--nxcompat @@ -95,7 +96,7 @@ # address colides with the base address of an existing dll. To avoid rebasing # we do the following. Rebasing can slow down the load time of dlls and it # also renders debug info useless. -DLL_LD_FLAGS += -Wl,--enable-auto-image-base $(LD_HARDENING_OPTIONS) +DLL_LD_FLAGS += -Wl,--enable-auto-image-base -Wl,--enable-auto-import $(LD_HARDENING_OPTIONS) -lssp # Build programs ifeq "$(origin CC)" "default"
--- a/pidgin/Makefile.mingw Thu Sep 06 04:38:07 2012 +0100 +++ b/pidgin/Makefile.mingw Thu Sep 06 05:30:17 2012 +0100 @@ -18,7 +18,7 @@ WINAPP := -mwindows -LDFLAGS := $(WINAPP) $(LD_HARDENING_OPTIONS) +LDFLAGS := $(WINAPP) $(LD_HARDENING_OPTIONS) -Wl,--enable-auto-import -lssp ## ## INCLUDE PATHS @@ -160,7 +160,7 @@ $(CC) -shared $(PIDGIN_OBJECTS) $(LIB_PATHS) $(PIDGIN_LIBS) $(DLL_LD_FLAGS) -Wl,--output-def,$(PIDGIN_TARGET).def,--out-implib,$(PIDGIN_TARGET).dll.a -o $(PIDGIN_TARGET).dll $(EXE_TARGET).exe: $(PIDGIN_CONFIG_H) $(PIDGIN_DLL).a $(EXE_OBJECTS) $(PIDGIN_TARGET).dll - $(CC) $(LDFLAGS) $(EXE_OBJECTS) -o $(EXE_TARGET).exe + $(CC) $(EXE_OBJECTS) $(LDFLAGS) -o $(EXE_TARGET).exe ## ## CLEAN RULES
--- a/pidgin/win32/nsis/pidgin-installer.nsi Thu Sep 06 04:38:07 2012 +0100 +++ b/pidgin/win32/nsis/pidgin-installer.nsi Thu Sep 06 05:30:17 2012 +0100 @@ -638,6 +638,7 @@ Delete "$INSTDIR\libsasl.dll" Delete "$INSTDIR\libsilc-1-1-2.dll" Delete "$INSTDIR\libsilcclient-1-1-3.dll" + Delete "$INSTDIR\libssp-0.dll" Delete "$INSTDIR\libxml2-2.dll" Delete "$INSTDIR\libymsg.dll" Delete "$INSTDIR\nss3.dll"
