[FFmpeg-devel] [PATCH]configure: Enable pie for toolchain=hardened.
Carl Eugen Hoyos
cehoyos at ag.or.at
Tue Oct 4 13:24:00 EEST 2016
Hi!
Sorry if I miss something but with this patch, the hardening_check
script succeeds here both for x86_32 and x86_64 (static and shared).
Please comment, Carl Eugen
-------------- next part --------------
From 3c5df95a022e9148f753dd2a850570080740c602 Mon Sep 17 00:00:00 2001
From: Carl Eugen Hoyos <cehoyos at ag.or.at>
Date: Tue, 4 Oct 2016 12:21:41 +0200
Subject: [PATCH] configure: Enable pie for toolchain=hardened.
---
configure | 2 ++
1 file changed, 2 insertions(+)
diff --git a/configure b/configure
index f593191..858f2a6 100755
--- a/configure
+++ b/configure
@@ -3577,6 +3577,8 @@ case "$toolchain" in
add_cppflags -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2
add_cflags -fno-strict-overflow -fstack-protector-all
add_ldflags -Wl,-z,relro -Wl,-z,now
+ add_cflags -fPIE
+ add_ldexeflags -fPIE -pie
;;
?*)
die "Unknown toolchain $toolchain"
--
1.7.10.4
More information about the ffmpeg-devel
mailing list