0ct0pu5/wesnoth
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Disabling hardening on Windows due to tdm-gcc's poor support.

Browse source 
As per sigurd's trial and error: RELRO's options are unknown entirely and -fstack-protector-strong results in compile errors.  Building with just PIE and _FORTIFY_SOURCE enabled does then compile, but results in a broken executable.

(cherry-picked from commit c954117677)
This commit is contained in:
Pentarctagon 2018-06-22 08:46:34 -05:00
parent ee6af7d8ce
commit e405dc2bff
2 changed files with 4 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
CMakeLists.txt
View file

@ -244,20 +244,18 @@ if(NOT "${CMAKE_CXX_FLAGS}" STREQUAL "${COMPILER_FLAGS}")
endif(NOT "${CMAKE_CXX_FLAGS}" STREQUAL "${COMPILER_FLAGS}") endif(NOT "${CMAKE_CXX_FLAGS}" STREQUAL "${COMPILER_FLAGS}")
# check for hardening options # check for hardening options
if(HARDEN) if(HARDEN AND NOT WIN32)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIE -fstack-protector-strong") set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIE -fstack-protector-strong")
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE -fstack-protector-strong") set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE -fstack-protector-strong")
if(APPLE) if(APPLE)
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -Wl,-pie") set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -Wl,-pie")
elseif(WIN32)
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -pie")
else() else()
set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -pie -Wl,-z,relro,-z,now") set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fPIE -pie -Wl,-z,relro,-z,now")
endif() endif()
add_definitions(-D_FORTIFY_SOURCE=2) add_definitions(-D_FORTIFY_SOURCE=2)
endif(HARDEN) endif(HARDEN AND NOT WIN32)
if(UNIX AND NOT CMAKE_COMPILER_IS_GNUCXX) if(UNIX AND NOT CMAKE_COMPILER_IS_GNUCXX)
# Assume the compiler is the clang compiler. # Assume the compiler is the clang compiler.

5
SConstruct
View file

@ -498,9 +498,10 @@ for env in [test_env, client_env, env]:
# # # #
# Add options to provide more hardened executables # Add options to provide more hardened executables
# osx doesn't seem to support RELRO # osx doesn't seem to support RELRO
# windows' tdm-gcc doesn't seem to provide good support for the hardening options in general
# # # #
if env['harden']: if env['harden'] and env["PLATFORM"] != 'win32':
env.AppendUnique(CCFLAGS = ["-fPIE", "-fstack-protector-strong"]) env.AppendUnique(CCFLAGS = ["-fPIE", "-fstack-protector-strong"])
env.AppendUnique(CPPDEFINES = ["_FORTIFY_SOURCE=2"]) env.AppendUnique(CPPDEFINES = ["_FORTIFY_SOURCE=2"])
@ -509,8 +510,6 @@ for env in [test_env, client_env, env]:
if env["PLATFORM"] == 'darwin': if env["PLATFORM"] == 'darwin':
env.AppendUnique(LINKFLAGS = ["-fPIE", "-Wl,-pie"]) env.AppendUnique(LINKFLAGS = ["-fPIE", "-Wl,-pie"])
elif env["PLATFORM"] == 'win32':
env.AppendUnique(LINKFLAGS = ["-fPIE", "-pie"])
else: else:
env.AppendUnique(LINKFLAGS = ["-fPIE", "-pie", "-Wl,-z,relro,-z,now"]) env.AppendUnique(LINKFLAGS = ["-fPIE", "-pie", "-Wl,-z,relro,-z,now"])