Give a better warning when stack protection breaks linking.

Fix for 9948; patch from Benedikt Gollatz.
This commit is contained in:
Nick Mathewson 2013-10-21 13:07:47 -04:00
parent 17d368281a
commit 21ac292820
3 changed files with 25 additions and 1 deletions

View File

@ -43,6 +43,8 @@ AC_DEFUN([TOR_DEFINE_CODEPATH],
]) ])
dnl 1:flags dnl 1:flags
dnl 2:also try to link (yes: non-empty string)
dnl will set yes or no in $tor_can_link_$1 (as modified by AS_VAR_PUSHDEF)
AC_DEFUN([TOR_CHECK_CFLAGS], [ AC_DEFUN([TOR_CHECK_CFLAGS], [
AS_VAR_PUSHDEF([VAR],[tor_cv_cflags_$1]) AS_VAR_PUSHDEF([VAR],[tor_cv_cflags_$1])
AC_CACHE_CHECK([whether the compiler accepts $1], VAR, [ AC_CACHE_CHECK([whether the compiler accepts $1], VAR, [
@ -51,6 +53,13 @@ AC_DEFUN([TOR_CHECK_CFLAGS], [
AC_TRY_COMPILE([], [return 0;], AC_TRY_COMPILE([], [return 0;],
[AS_VAR_SET(VAR,yes)], [AS_VAR_SET(VAR,yes)],
[AS_VAR_SET(VAR,no)]) [AS_VAR_SET(VAR,no)])
if test x$2 != x; then
AS_VAR_PUSHDEF([can_link],[tor_can_link_$1])
AC_TRY_LINK([], [return 0;],
[AS_VAR_SET(can_link,yes)],
[AS_VAR_SET(can_link,no)])
AS_VAR_POPDEF([can_link])
fi
CFLAGS="$tor_saved_CFLAGS" CFLAGS="$tor_saved_CFLAGS"
]) ])
if test x$VAR = xyes; then if test x$VAR = xyes; then

6
changes/bug9948 Normal file
View File

@ -0,0 +1,6 @@
o Minor features (build):
- Check in configure whether we can link an executable when
stack protection is enabled so we can warn the user about a
potentially missing libssp. Addresses ticket 9948. Patch
from Benedikt Gollatz.

View File

@ -589,7 +589,16 @@ if test x$enable_gcc_hardening != xno; then
if test x$have_clang = xyes; then if test x$have_clang = xyes; then
TOR_CHECK_CFLAGS(-Qunused-arguments) TOR_CHECK_CFLAGS(-Qunused-arguments)
fi fi
TOR_CHECK_CFLAGS(-fstack-protector-all) TOR_CHECK_CFLAGS(-fstack-protector-all, also_link)
AS_VAR_PUSHDEF([can_compile], [tor_cv_cflags_-fstack-protector-all])
AS_VAR_PUSHDEF([can_link], [tor_can_link_-fstack-protector-all])
AS_VAR_IF(can_compile, [yes],
AS_VAR_IF(can_link, [yes],
[],
AC_MSG_ERROR([We tried to build with stack protection; it looks like your compiler supports it but your libc does not provide it. Are you missing libssp? (You can --disable-gcc-hardening to ignore this error.)]))
)
AS_VAR_POPDEF([can_link])
AS_VAR_POPDEF([can_compile])
TOR_CHECK_CFLAGS(-Wstack-protector) TOR_CHECK_CFLAGS(-Wstack-protector)
TOR_CHECK_CFLAGS(-fwrapv) TOR_CHECK_CFLAGS(-fwrapv)
TOR_CHECK_CFLAGS(--param ssp-buffer-size=1) TOR_CHECK_CFLAGS(--param ssp-buffer-size=1)