[Python-apps-team] Bug#704927: mypaint: hardening flags are not honored
Sebastian Ramacher
sramacher at debian.org
Sun Apr 7 19:46:24 UTC 2013
Source: mypaint
Version: 1.1.0-1
Although the changelog for 1.1.0-1 claims that hardening flags are
honored, not all of the files are compiled with these flags.
lib/mypaintlib_wrap.cpp is compiled with them, but all the files in brushlib
are not. blhc confirms that:
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/brushmodes.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/brushmodes.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/brushmodes.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/brushmodes.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/fifo.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/fifo.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/fifo.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/fifo.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/helpers.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/helpers.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/helpers.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/helpers.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/mapping.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mapping.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/mapping.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mapping.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/mypaint-brush-settings.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint-brush-settings.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/mypaint-brush-settings.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint-brush-settings.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/mypaint-brush.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint-brush.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/mypaint-brush.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint-brush.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/mypaint-fixed-tiled-surface.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint-fixed-tiled-surface.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/mypaint-fixed-tiled-surface.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint-fixed-tiled-surface.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/mypaint-surface.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint-surface.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/mypaint-surface.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint-surface.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/mypaint-tiled-surface.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint-tiled-surface.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/mypaint-tiled-surface.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint-tiled-surface.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/mypaint.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/mypaint.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/mypaint.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/operationqueue.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/operationqueue.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/operationqueue.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/operationqueue.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/rng-double.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/rng-double.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/rng-double.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib -I/usr/include/json brushlib/rng-double.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/tests/testutils.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/testutils.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/tests/testutils.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/testutils.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/tests/mypaint-utils-stroke-player.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/mypaint-utils-stroke-player.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/tests/mypaint-utils-stroke-player.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/mypaint-utils-stroke-player.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/tests/mypaint-benchmark.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/mypaint-benchmark.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/tests/mypaint-benchmark.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/mypaint-benchmark.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/tests/mypaint-test-surface.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/mypaint-test-surface.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/tests/mypaint-test-surface.os -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -fPIC -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/mypaint-test-surface.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/tests/test-brush-persistence.o -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/test-brush-persistence.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/tests/test-brush-persistence.o -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/test-brush-persistence.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/tests/test-fixed-tiled-surface.o -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/test-fixed-tiled-surface.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/tests/test-fixed-tiled-surface.o -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/test-fixed-tiled-surface.c
CFLAGS missing (-fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security): gcc -o brushlib/tests/test-rng.o -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/test-rng.c
CPPFLAGS missing (-D_FORTIFY_SOURCE=2): gcc -o brushlib/tests/test-rng.o -c -std=c99 -D_POSIX_C_SOURCE=200809L -fopenmp -Wall -O3 -g -Ibrushlib/tests -I/usr/include/json -Ibrushlib brushlib/tests/test-rng.c
Regards
--
Sebastian Ramacher
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/python-apps-team/attachments/20130407/1cad4e47/attachment.pgp>
More information about the Python-apps-team
mailing list