From 5afefb949611b0c194241650a4cd31428bbec4bb Mon Sep 17 00:00:00 2001 From: Stephen Seo Date: Thu, 26 Sep 2024 17:31:06 +0900 Subject: [PATCH] Add compiler hardening flags --- CMakeLists.txt | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/CMakeLists.txt b/CMakeLists.txt index 1ecbcee..6bed693 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -28,6 +28,49 @@ endif() add_executable(simplearchiver ${SimpleArchiver_SOURCES}) +target_compile_options(simplearchiver PUBLIC + -Wall -Wformat -Wformat=2 -Wconversion -Wimplicit-fallthrough + -Werror=format-security + -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3 + -D_GLIBCXX_ASSERTIONS + -fstrict-flex-arrays=3 + -fstack-clash-protection -fstack-protector-strong + -Wl,-z,nodlopen -Wl,-z,noexecstack + -Wl,-z,relro -Wl,-z,now + -Wl,--as-needed -Wl,--no-copy-dt-needed-entries + -fPIE -pie +) + +target_link_options(simplearchiver PUBLIC + -Wall -Wformat -Wformat=2 -Wconversion -Wimplicit-fallthrough + -Werror=format-security + -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3 + -D_GLIBCXX_ASSERTIONS + -fstrict-flex-arrays=3 + -fstack-clash-protection -fstack-protector-strong + -Wl,-z,nodlopen -Wl,-z,noexecstack + -Wl,-z,relro -Wl,-z,now + -Wl,--as-needed -Wl,--no-copy-dt-needed-entries + -fPIE -pie +) + +# Inhibit format-string-related warning in src/archiver.c . +set_source_files_properties(src/archiver.c + PROPERTIES + COMPILE_FLAGS -Wno-format-nonliteral +) + +if(CMAKE_BUILD_TYPE STREQUAL "Release") + target_compile_options(simplearchiver PUBLIC + -fno-delete-null-pointer-checks -fno-strict-overflow + -fno-strict-aliasing -ftrivial-auto-var-init=zero + ) + target_link_options(simplearchiver PUBLIC + -fno-delete-null-pointer-checks -fno-strict-overflow + -fno-strict-aliasing -ftrivial-auto-var-init=zero + ) +endif() + add_executable(test_datastructures src/data_structures/test.c src/data_structures/linked_list.c