Merge pull request #2017 from heinrich5991/pr_hardening

Add more hardening flags
oy 2019-02-04 10:42:12 +01:00 committed by GitHub
commit 79fe483b83
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -133,7 +133,13 @@ endfunction()
if(NOT MSVC) if(NOT MSVC)
# Protect the stack pointer. # Protect the stack pointer.
# -fstack-protector-all doesn't work on MinGW. # -fstack-protector-all doesn't work on MinGW.
add_c_compiler_flag_if_supported(OUR_FLAGS -fstack-protector-all) add_c_compiler_flag_if_supported(OUR_FLAGS -fstack-protector-strong)
# Protect the stack from clashing.
add_c_compiler_flag_if_supported(OUR_FLAGS -fstack-clash-protection)
# Control-flow protection. Should protect against ROP.
add_c_compiler_flag_if_supported(OUR_FLAGS -fcf-protection)
# Inaccurate floating point numbers cause problems on mingw-w64-gcc when # Inaccurate floating point numbers cause problems on mingw-w64-gcc when
# compiling for x86, might cause problems elsewhere. So don't store floats # compiling for x86, might cause problems elsewhere. So don't store floats
@ -1797,6 +1803,7 @@ foreach(target ${TARGETS})
if(DEFINE_FORTIFY_SOURCE) if(DEFINE_FORTIFY_SOURCE)
target_compile_definitions(${target} PRIVATE $<$<NOT:$<CONFIG:Debug>>:_FORTIFY_SOURCE=2>) # Detect some buffer overflows. target_compile_definitions(${target} PRIVATE $<$<NOT:$<CONFIG:Debug>>:_FORTIFY_SOURCE=2>) # Detect some buffer overflows.
endif() endif()
target_compile_definitions(${target} PRIVATE _GLIBCXX_ASSERTIONS) # Enable run-time bounds-checking for the STL
endforeach() endforeach()
foreach(target ${TARGETS_LINK}) foreach(target ${TARGETS_LINK})
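Review bot: The comment kept above the stack-protector line in the first hunk still refers to `-fstack-protector-all`, while the new side appears to pass `-fstack-protector-strong`, which instruments fewer functions than `-all`. If MinGW is the reason for the narrower mode, the comment should say so, e.g. `# -fstack-protector-all doesn't work on MinGW; -strong covers functions with arrays or address-taken locals.` The `-fcf-protection` comment also promises more than the flag gives on its own, since the instrumentation is x86-only and is enforced only where the CPU and OS support CET; I would word it `# Control-flow protection (Intel CET); only enforced on CPUs and kernels that support it.` Every flag here goes through `add_c_compiler_flag_if_supported`, which is defined outside this hunk and presumably drops unsupported flags without a message, so a `message(STATUS ...)` listing the hardening flags actually applied would make a silently unhardened build visible.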