Page MenuHomePhabricator
Differential D2660

[CMAKE] Define FORTIFY_SOURCE=2
AbandonedPublic
Actions

Authored by Fabien on Mar 6 2019, 15:49.

Details

Reviewers
deadalnix
Group Reviewers
Restricted Project
Summary

This is part of the hardening process, it enables some buffer overflow
detection.

Depends on D2674

Test Plan
mkdir buildcmake && cd buildcmake
cmake -GNinja .. -DCMAKE_BUILD_TYPE=RelWithDebInfo
ninja -v

Check the -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 flags are added on the
compiler command lines.

Diff Detail

Repository
rABC Bitcoin ABC
Branch
cmake_hardening_fortify_source
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 5193
Build 8449: Bitcoin ABC Buildbot (legacy)
Build 8448: arc lint + arc unit

Event Timeline

Fabien created this revision.Mar 6 2019, 15:49
Herald added a reviewer: Restricted Project. · View Herald TranscriptMar 6 2019, 15:49
Herald added a reviewer: deadalnix. · View Herald Transcript
Herald added a subscriber: schancel. · View Herald Transcript
teamcity added a subscriber: teamcity.Mar 6 2019, 15:50

Build Bitcoin-ABC / Diffs / Bitcoin-ABC Diff Testing started.

teamcity added a comment.Mar 6 2019, 16:04

Build Bitcoin-ABC / Diffs / Bitcoin-ABC Diff Testing passed.

Harbormaster completed remote builds in B5166: Diff 7622.Mar 6 2019, 16:04
deadalnix requested changes to this revision.Mar 7 2019, 17:38

This raises also the fact that D2640 was wrong as well.

src/CMakeLists.txt
41 ↗(On Diff #7622)

Please copy what autotool does for hardening instead. Passing the PIE flags is also part of the hardening featues.

This revision now requires changes to proceed.Mar 7 2019, 17:38
Fabien updated this revision to Diff 7658.Mar 8 2019, 14:49

Rebase on top of D2674

Fabien edited the summary of this revision. (Show Details)Mar 8 2019, 14:49
Fabien added a parent revision: D2674: [CMAKE] Add an option to enable/disable hardening.
Fabien removed a parent revision: D2653: [CMAKE] Fix cached variable that prevents testing for flag support.
teamcity added a comment.Mar 8 2019, 14:50

Build Bitcoin-ABC / Diffs / Bitcoin-ABC Diff Testing started.

teamcity added a comment.Mar 8 2019, 15:05

Build Bitcoin-ABC / Diffs / Bitcoin-ABC Diff Testing passed.

Harbormaster completed remote builds in B5193: Diff 7658.Mar 8 2019, 15:05
Fabien mentioned this in D2687: [CMAKE] Harden the executables.Mar 13 2019, 13:51
Fabien planned changes to this revision.Mar 13 2019, 14:52

Superseeded by D2687, can be removed when landed.

Fabien mentioned this in rABCa423ecd14cd9: [CMAKE] Harden the executables.Mar 20 2019, 13:46
Fabien abandoned this revision.Mar 20 2019, 17:32

Superseeded by D2687

Fabien mentioned this in rSTAGINGa423ecd14cd9: [CMAKE] Harden the executables.Sep 18 2019, 22:45

Revision Contents
Changeset List

PathSize
src/
2 lines

Diff 7658

View Options

src/CMakeLists.txt

Loading...