Archives/OpenTTD-patches
2
0
Fork 0
mirror of https://github.com/JGRennison/OpenTTD-patches.git synced 2024-11-02 09:40:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

(svn r24429) -Change: add some hardening flags to the compiler for release builds

Browse Source
This commit is contained in:
rubidium 2012-07-22 05:33:09 +00:00
parent 3202b09b12
commit 990c9f8a7f
2 changed files with 18 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
config.lib
View File

@ -1302,8 +1302,8 @@ make_compiler_cflags() {
flags="$flags -Wall -Wno-multichar -Wsign-compare -Wundef"
flags="$flags -Wwrite-strings -Wpointer-arith"
flags="$flags -W -Wno-unused-parameter -Wformat=2"
flags="$flags -Wredundant-decls"
flags="$flags -W -Wno-unused-parameter -Wredundant-decls"
flags="$flags -Wformat=2 -Wformat-security -Werror=format-security"
if [ $enable_assert -eq 0 ]; then
# Do not warn about unused variables when building without asserts
@ -1427,12 +1427,6 @@ make_cflags_and_ldflags() {
# Each debug level reduces the optimization by a bit
if [ $enable_debug -ge 1 ]; then
CFLAGS="$CFLAGS -g -D_DEBUG"
if basename "$cc_host" | grep "gcc" &>/dev/null; then
# Define only when compiling with GCC, some
# GLIBC versions use GNU extensions in a way
# that breaks build with at least ICC
CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
fi
if [ "$os" = "PSP" ]; then
CFLAGS="$CFLAGS -G0"
fi
@ -1447,6 +1441,18 @@ make_cflags_and_ldflags() {
fi
fi
if [ $enable_debug -le 2 ]; then
if basename "$cc_host" | grep "gcc" &>/dev/null; then
# Define only when compiling with GCC. Some GLIBC versions use GNU
# extensions in a way that breaks build with at least ICC.
# This requires -O1 or more, so debug level 3 (-O0) is excluded.
CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
# Just add -O1 to the tools needed for building.
CFLAGS_BUILD="$CFLAGS_BUILD -D_FORTIFY_SOURCE=2 -O1"
fi
fi
if [ "$os" = "OSX" ] && [ $cc_version -eq 40 ]; then
# Apple's GCC 4.0 has a compiler bug for x86_64 with (higher) optimization,
# wrongly optimizing ^= in loops. This disables the failing optimisation.

5
src/depend/depend.cpp
View File

@ -910,7 +910,10 @@ int main(int argc, char *argv[])
size = ftell(src);
rewind(src);
content = (char*)malloc(size * sizeof(*content));
fread(content, 1, size, src);
if (fread(content, 1, size, src) != (size_t)size) {
fprintf(stderr, "Could not read %s\n", filename);
exit(-2);
}
fclose(src);
}