Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
libpsl-native: Fix _FORTIFY_SOURCE macros (#88)
This commit fixes the mistake in the `_FORTIFY_SOURCE` macro where it was not prefixed with underscore while it has to be (see e.g. https://github.com/search?q=repo%3Abminor%2Fglibc%20FORTIFY_SOURCE&type=code). Additionally, to make this macro add extra security, one has to enable optimizations. I am not sure if the build system enables them, but it is worth double checking that as well. Overall, I would recommend using `-D_FORTIFY_SOURCE=3` with `-O2` or `-O3`. (The fortify source level 3 was added recently and you can read more about it here: https://developers.redhat.com/blog/2021/04/16/broadening-compiler-checks-for-buffer-overflows-in-_fortify_source). Remove superfluous `-O2` flag, since CMake adds `-O3` for `Release` builds anyway. Co-authored-by: Andy Jordan <[email protected]>
- Loading branch information