Bug 1359908 Add FORTIFY_SOURCE to gcc and clang builds by default
This adds a section in both old-configure.in's for hardening flags.
In old-configure.in we add $HARDENING_CFLAGS (which are turned on by
--enable-hardening) and are defined in toolchain.configure (and
which does compiler detection there.) We then add non-optional
hardening flags, performing compiler detection here.
In js/src/old-configure.in we follow the same pattern, but omit
$HARDENING_CFLAGS because we don't apply the current lone flag
to js (doing so is
Bug 1359905).
MozReview-Commit-ID: EFE0Pc7yZHa
--- a/js/src/old-configure.in
+++ b/js/src/old-configure.in
@@ -539,16 +539,25 @@ case "$host" in
HOST_CFLAGS="$HOST_CFLAGS -DXP_UNIX"
HOST_OPTIMIZE_FLAGS="${HOST_OPTIMIZE_FLAGS=-O2}"
;;
esac
MOZ_DOING_LTO(lto_is_enabled)
dnl ========================================================
+dnl Add optional and non-optional hardening flags
+dnl ========================================================
+if test "$GNU_CC" -o test -n "${CLANG_CC}${CLANG_CL}"; then
+ CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
+ CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=2"
+ CXXFLAGS="$CXXFLAGS -D_FORTIFY_SOURCE=2"
+fi
+
+dnl ========================================================
dnl System overrides of the defaults for target
dnl ========================================================
case "$target" in
*-darwin*)
MKSHLIB='$(CXX) $(CXXFLAGS) $(DSO_PIC_CFLAGS) $(DSO_LDOPTS) -o $@'
MKCSHLIB='$(CC) $(CFLAGS) $(DSO_PIC_CFLAGS) $(DSO_LDOPTS) -o $@'
MOZ_OPTIMIZE_FLAGS="-O3 -fno-stack-protector"
--- a/old-configure.in
+++ b/old-configure.in
@@ -488,21 +488,29 @@ fi
if test -n "${CLANG_CXX}${CLANG_CL}"; then
_WARNINGS_CXXFLAGS="-Qunused-arguments ${_WARNINGS_CXXFLAGS}"
fi
if test -n "$COMPILE_ENVIRONMENT"; then
MOZ_CONFIG_SANITIZE
fi
-# Add the hardening flags from moz.configure
+dnl ========================================================
+dnl Add optional and non-optional hardening flags
+dnl ========================================================
CFLAGS="$CFLAGS $HARDENING_CFLAGS"
CPPFLAGS="$CPPFLAGS $HARDENING_CFLAGS"
CXXFLAGS="$CXXFLAGS $HARDENING_CFLAGS"
+if test "$GNU_CC" -o test -n "${CLANG_CC}${CLANG_CL}"; then
+ CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
+ CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=2"
+ CXXFLAGS="$CXXFLAGS -D_FORTIFY_SOURCE=2"
+fi
+
dnl ========================================================
dnl GNU specific defaults
dnl ========================================================
if test "$GNU_CC"; then
MMX_FLAGS="-mmmx"
SSE_FLAGS="-msse"
SSE2_FLAGS="-msse2"
SSSE3_FLAGS="-mssse3"