diff options
author | saerome.kim <saerome.kim@samsung.com> | 2019-11-08 19:16:40 +0900 |
---|---|---|
committer | saerome.kim <saerome.kim@samsung.com> | 2019-11-08 19:58:31 +0900 |
commit | 633a3974a94a53e37f82026ca6fa4968cb4d91e9 (patch) | |
tree | 4b6d969c3c066e235c9ea3fddfabee0d561f9301 | |
parent | 510e0b1acb90dc2cf4ec50b5c878ffeb1a500ad5 (diff) | |
download | user-awareness-633a3974a94a53e37f82026ca6fa4968cb4d91e9.tar.gz user-awareness-633a3974a94a53e37f82026ca6fa4968cb4d91e9.tar.bz2 user-awareness-633a3974a94a53e37f82026ca6fa4968cb4d91e9.zip |
Apply secure option
- Problem: There is no FORTIFY option.
- Cause: Unlike the SSP that catches the stack BOF, a protection technique is
needed to catch the BOF that occurs in a general memory buffer.
- Solution: apply FORTIFY and stack-canar options.
Change-Id: Idaddb614389bf6f8620720bb51c21128bbca0731
Signed-off-by: saerome.kim <saerome.kim@samsung.com>
-rw-r--r-- | CMakeLists.txt | 12 | ||||
-rw-r--r-- | packaging/capi-network-ua.spec | 2 |
2 files changed, 11 insertions, 3 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 4300258..e39a147 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -30,10 +30,18 @@ FOREACH(flag ${PKGS_CFLAGS}) SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") ENDFOREACH(flag) -SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -fPIC -Wall -Werror") IF(BUILD_GCOV) - SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage") + SET(GGOV_FLAGS " -fprofile-arcs -ftest-coverage") +ELSE(BUILD_GCOV) + set(GCOV_FLAGS "") ENDIF(BUILD_GCOV) + +SET(RELRO_FLAGS "-Wl,-z,relro") +SET(FORTIFY_FLAGS "-D_FORTIFY_SOURCE=2") +SET(STACK_CANARY_FLAGS "-fstack-protector-strong") +SET(PIE_FLAGS "-fPIE -fPIC") +SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} ${STACK_CANARY_FLAGS} ${FORTIFY_FLAGS} ${RELRO_FLAGS} ${PIE_FLAGS} ${GCOV_FLAGS} -Wall -Werror") + SET(LIB_NAME "${PROJECT_NAME}") SET(LIB_PREFIX ${CMAKE_INSTALL_PREFIX}) SET(LIB_DIR "${LIB_PATH}") diff --git a/packaging/capi-network-ua.spec b/packaging/capi-network-ua.spec index e2a42b5..cc1a630 100644 --- a/packaging/capi-network-ua.spec +++ b/packaging/capi-network-ua.spec @@ -1,6 +1,6 @@ Name: capi-network-ua Summary: User Awareness Framework CAPI -Version: 0.12.12 +Version: 0.12.13 Release: 1 License: Apache-2.0 Source0: %{name}-%{version}.tar.gz |