[routino] 05/07: Add patch to use hardening build flags.

Bas Couwenberg sebastic at xs4all.nl
Sat Dec 6 11:03:08 UTC 2014 

This is an automated email from the git hooks/post-receive script.

sebastic-guest pushed a commit to branch master
in repository routino.

commit d2188630ca0bb97fb47bad87f9e3e6060511793f
Author: Bas Couwenberg <sebastic at xs4all.nl>
Date:   Sat Dec 6 11:41:34 2014 +0100

    Add patch to use hardening build flags.
---
 debian/changelog         |  1 +
 debian/patches/hardening | 23 +++++++++++++++++++++++
 debian/patches/series    |  1 +
 3 files changed, 25 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 462c195..778f76c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,7 @@ routino (2.7.2-3) unstable; urgency=medium
   * Restructure control file with cme.
   * Bump Standards-Version to 3.9.6, no changes.
   * Use canonical Vcs-* URLs.
+  * Add patch to use hardening build flags.
 
  -- Bas Couwenberg <sebastic at xs4all.nl>  Sat, 06 Dec 2014 11:17:17 +0100
 
diff --git a/debian/patches/hardening b/debian/patches/hardening
new file mode 100644
index 0000000..f1e0f9e
--- /dev/null
+++ b/debian/patches/hardening
@@ -0,0 +1,23 @@
+Description: Use hardening flags in Makefile.conf.
+Author: Bas Couwenberg <sebastic at xs4all.nl>
+
+--- a/Makefile.conf
++++ b/Makefile.conf
+@@ -31,7 +31,6 @@ datadir=$(prefix)/share/routino
+ CC=gcc
+ LD=gcc
+ 
+-
+ # Language dialect selection
+ CFLAGS=-std=c99
+ 
+@@ -79,3 +78,9 @@ CFLAGS+=-D_FILE_OFFSET_BITS=64
+ 
+ # Required to compile on Linux without a warning about pread() and pwrite() functions.
+ CFLAGS+=-D_POSIX_C_SOURCE=200809L
++
++
++# Hardening flags
++CFLAGS+=-fstack-protector-strong -Wformat -Werror=format-security
++CFLAGS+=-D_FORTIFY_SOURCE=2
++LDFLAGS+=-Wl,-z,relro
diff --git a/debian/patches/series b/debian/patches/series
index 6a3ef0a..b083dfd 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -5,3 +5,4 @@ web_path
 install_documentation
 maploader
 mapprops
+hardening

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-grass/routino.git

More information about the Pkg-grass-devel mailing list