12e97d4035
Add support for "-fstack-protector-strong". This extends the WITH_SSP_PORTS Makefile option in FreeBSD which adds "-fstack-protector" and "-fstack-protector-all" command-line options that add extra code to check for buffer overflows to ports built that way, cf. https://gcc.gnu.org/onlinedocs/gcc-4.8.3/gcc/Optimize-Options.html While this was a good first step, those switches offer too little protection or too much overhead and so Google contributed a balanced "-fstack-protector-strong". [1] PR: 186852 [1] Submitted by: software-freebsd@interfasys.ch [1]
11 lines
515 B
Text
11 lines
515 B
Text
--- gcc/c-family/c-cppbuiltin.c.orig
|
|
+++ gcc/c-family/c-cppbuiltin.c
|
|
@@ -888,6 +888,8 @@ c_cpp_builtins (cpp_reader *pfile)
|
|
/* Make the choice of the stack protector runtime visible to source code.
|
|
The macro names and values here were chosen for compatibility with an
|
|
earlier implementation, i.e. ProPolice. */
|
|
+ if (flag_stack_protect == 3)
|
|
+ cpp_define (pfile, "__SSP_STRONG__=3");
|
|
if (flag_stack_protect == 2)
|
|
cpp_define (pfile, "__SSP_ALL__=2");
|
|
else if (flag_stack_protect == 1)
|