path: root/scripts/Dpkg/Vendor
Age  Commit message  (Author, Files, Lines)
2015-01-28 scripts: Rename and deprecate _g function with g_ (Guillem Jover, files: 2, lines: -8/+8)
The old function name was inconsistent with the other gettext family of short aliases which has already caused some code typos, and functions starting with underscore are considered by convention private in Perl.
2014-10-12 scripts: Document private modules as such in a CHANGES section (Guillem Jover, files: 3, lines: -0/+20)
This is to try to make sure, that even if documented, people will not accidentally rely on private modules, that have no API stability guarantees.
2014-10-06 dpkg-buildflags: Do not blacklist pie and stackprotector on mips/mipsel (Aurelien Jarno, files: 1, lines: -4/+4)
pie is blacklisted on mips and mipsel, according to the comments due to #526961. This bug has been fixed more than 4 years ago, it's time to reactivate pie support. Similarly stack-protector support has been added on mips and mipsel in gcc 4.6 so we can now activate it too. Closes: #763672 Signed-off-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Guillem Jover <guillem@debian.org>
2014-10-06 Dpkg::Vendor::Debian: Add a timeless feature in the reproducible area (Paul Wise, files: 1, lines: -0/+6)
This will add appropriate options to warn about __TIME__, __DATE__ and __TIMESTAMP__ macros. Closes: #762683 Signed-off-by: Guillem Jover <guillem@debian.org>
2014-10-06 Dpkg::Vendor::Debian: Add support for a reproducible feature area (Paul Wise, files: 1, lines: -0/+17)
Signed-off-by: Guillem Jover <guillem@debian.org>
2014-10-06 Dpkg::Vendor::Debian: Fix comments wording (Guillem Jover, files: 1, lines: -3/+3)
2014-10-06 dpkg-buildflags: Honor feature area settings from DEB_BUILD_OPTIONS (Guillem Jover, files: 1, lines: -7/+15)
This allows users to specify build flags from specific area features. These settings will be overridden by any subsequent settings from DEB_BUILD_MAINT_OPTIONS, in the same way other build flags are affected, so that the maintainer can disable specific things that might be broken.
2014-10-06 dpkg-buildflags: Add a canary feature to the qa feature area (Guillem Jover, files: 1, lines: -0/+12)
This can be used to test the propagation of build flags by checking the build logs for any omission. Closes: #628516
2014-10-06 dpkg-buildflags: Add a bug feature to the qa feature area (Guillem Jover, files: 1, lines: -0/+10)
This feature will enable fatal warnings for code that can pose actual problems. Closes: #682659
2014-10-06 dpkg-buildflags: Add a new qa feature area (Guillem Jover, files: 1, lines: -0/+17)
This will allow to add various Quality Assurance features that can be used to avoid common errors.
2014-10-06 Dpkg::Vendor::Debian: Prefix add_hardening_flags with _ to mark as private (Guillem Jover, files: 1, lines: -2/+2)
2014-08-15 dpkg-buildflags: Remove arch blacklist from stackprotectorstrong option (Romain Francoise, files: 1, lines: -6/+0)
As of gcc-defaults 1.130 all architectures have moved to GCC 4.9, so we can remove the architecture blacklist for stackprotectorstrong. Signed-off-by: Guillem Jover <guillem@debian.org>
2014-08-15 scripts: Use length instead of defined when checking environment variables (Guillem Jover, files: 1, lines: -1/+1)
In these cases we are not interested if the variables are defined, but if they have actual content.
2014-08-15 Dpkg::Vendor::Debian: Refactor common compiler flags into intermediate variables (Guillem Jover, files: 1, lines: -18/+21)
2014-08-09 scripts: Use // instead of || where appropriate (Guillem Jover, files: 1, lines: -1/+1)
Replace only safe usages, i.e. those that fallback on initialization values that evaluate to false anyway. Or when the API is explicit about the variable being undefined.
2014-08-09 Dpkg::Vendor::Debian: Split feature area option parsing into a function (Guillem Jover, files: 1, lines: -19/+26)
2014-08-09 dpkg-buildflags: Add support for new hardening flag stackprotectorstrong (Guillem Jover, files: 1, lines: -1/+21)
This flag is now part of the default set on Debian and derivatives, but it will fallback to stackprotector when the former is not functional or disabled by the user. Based-on-patch-by: Romain Francoise <rfrancoise@debian.org>
2014-08-09 Dpkg::Vendor::Debian: Do not disable stack-protector on arm64 (Adam Conrad, files: 1, lines: -2/+2)
The toolchain supports it now on arm64. Closes: #751032 Signed-off-by: Guillem Jover <guillem@debian.org>
2014-08-09 Use https:// URLs instead of http:// when possible (round two) (Guillem Jover, files: 1, lines: -1/+1)
Switch more URLs, now that these services have had SSL enabled.
2014-05-17 scripts: Switch unused capturing groups to non-capturing ones (Guillem Jover, files: 1, lines: -4/+4)
These have better runtime performance, not that it matters in many of the instances here though. Addresses RegularExpressions::ProhibitUnusedCapture. Warned-by: perlcritic
2014-05-17 perl: Do not use global match variables (Guillem Jover, files: 1, lines: -2/+2)
Fixes Variables::ProhibitMatchVars. Warned-by: perlcritic
2014-04-21 dpkg-buildflags: Add support for FCFLAGS, OBJCFLAGS and OBJCXXFLAGS (Guillem Jover, files: 2, lines: -1/+10)
Add default values in Debian and derivatives for these flags. Distinguish FFLAGS from FCFLAGS by mentioning that the former is for the Fortran 77 compiler and the latter for the Fortran 9x compiler. Closes: #744326
2014-04-21 Dpkg::Vendor::Ubuntu: Update ppc64el build flags support (Adam Conrad, files: 1, lines: -4/+6)
Ubuntu never ended up shipping a ppc64 architecture, instead they have a ppc64el one, so switch to that. And honor the noopt DEB_BUILD_OPTIONS flag. Closes: #738691 Signed-off-by: Guillem Jover <guillem@debian.org>
2014-04-21 scripts: Add a space after flow control statements (Guillem Jover, files: 1, lines: -1/+1)
2013-12-07 Use https:// URLs instead of http:// when possible (Guillem Jover, files: 3, lines: -3/+3)
2013-10-26 dpkg-buildflags: Add pie and stack-protector options to FFLAGS (Guillem Jover, files: 1, lines: -0/+2)
When enabled add those flags to the Fortran build flags. Update the man page to document that FFLAGS is a subset of CFLAGS. Closes: #726932
2013-06-22 dpkg-buildflags: Add GCJFLAGS support (Guillem Jover, files: 2, lines: -1/+3)
This adds default flags for the GNU Compiler for Java, and the supported hardened flags. We do not name the variable JFLAGS nor JAVAFLAGS, to make it very clear these are not flags for javac, they are only for GCJ; so we use the automake variable name as existing precedent. Closes: #708375
2013-06-22 scripts: Inherit from parent instead of base (Guillem Jover, files: 3, lines: -3/+3)
Use the lightweight parent instead of the bloated base.
2013-06-22 dpkg-buildflags: Do not set -fstack-protector on arm64 (Matthias Klose, files: 1, lines: -2/+2)
The flag is not yet supported there. Closes: #711936 [guillem@debian.org: Update comment. ] Signed-off-by: Guillem Jover <guillem@debian.org>
2013-05-08 scripts: On split use an actual regex instead of a literal string (Guillem Jover, files: 1, lines: -1/+1)
Fixes BuiltinFunctions::ProhibitStringySplit. Warned-by: perlcritic
2013-05-06 scripts: Initialize arrays with the qw() operator (Guillem Jover, files: 1, lines: -2/+1)
Fixes CodeLayout::ProhibitQuotedWordLists. Warned-by: perlcritic
2013-05-04 Do not use double-quotes on strings that do not need interpolation (Guillem Jover, files: 3, lines: -50/+51)
Using double-quotes imposes a small performance penalty as the perl parser needs to check if any interpolation is needed. Use double-quotes only when the string contains single-quotes. Ideally we'd use double-quotes too for escaped meta-characters that might otherwise be confusing to immediately see if they need interpolation or not, but the policy does not (currently) allow to ignore these. Fixes ValuesAndExpressions::ProhibitInterpolationOfLiterals. Warned-by: perlcritic
2013-04-30 Do not quote simple identifier hash keys in element accesses (Guillem Jover, files: 2, lines: -15/+15)
Addresses ValuesAndExpressions::ProhibitInterpolationOfLiterals. Warned-by: perlcritic
2013-04-30 Do not quote simple identifier hash keys in initializations (Guillem Jover, files: 1, lines: -6/+6)
Do not quote the keys for any hash which will always use simple identifiers, as that is taken care of by the => operator. So this does not apply to overload pragmas, version operators, field names, substvars, command line options or filenames. Addresses ValuesAndExpressions::ProhibitInterpolationOfLiterals. Warned-by: perlcritic
2013-04-29 Dpkg: Use identifiers as key names whenever possible (Guillem Jover, files: 1, lines: -1/+1)
The fixed key names are either inside unstable modules, internal to them or for keys in code never released, so should not cause much of an issue.
2013-04-29 scripts: Use // operator instead of an explicit defined check (Guillem Jover, files: 1, lines: -2/+1)
2013-04-24 Dpkg::Vendor::Debian: Do not use Dpkg::Vendor::Ubuntu, just require it (Guillem Jover, files: 1, lines: -1/+2)
The fact that Dpkg::Vendor::Debian needs to use functions from Dpkg::Vendor::Ubuntu has always been all kinds of a broken design, as an obvious layer violation, but at least for now we avoid redefinition of functions.
2013-04-19 Use just 'return' instead of 'return undef' in perl code (Guillem Jover, files: 1, lines: -2/+1)
This makes sure the functions always return the appropriate value independent of the context. Fixes Subroutines::ProhibitExplicitReturnUndef. Warned-by: perlcritic
2013-04-04 dpkg-buildflags: Mask fortify hardening option on noopt (Guillem Jover, files: 1, lines: -0/+6)
New glibc 2.16 and later, issue a warning on this condition. Just disable the hardening flags in such case. Closes: #691745
2013-03-18 Dpkg::Vendor::Debian: Remove support for obsolete DM-Upload-Allowed (Guillem Jover, files: 1, lines: -6/+0)
This field was a Debian specific hack that should have been part of the archive management software from the start. Now that dak supports setting the upload ACLs through an email command, there's no need for this anymore. Remove.
2012-05-04 Dpkg::Vendor::Debian: Do not mask PIE on m68k (Guillem Jover, files: 1, lines: -2/+2)
The reason for this feature being masked on m68k was unspecified breakage in openssh (see #451192), which does not appear to be present any more. As such there's no apparent reason to mask it any longer. Requested-by: Thorsten Glaser <tg@mirbsd.de>
2012-04-03 dpkg-buildflags: Remove redundant -Wformat-security from default flags (Guillem Jover, files: 1, lines: -2/+2)
This option is already implied by -Werror=format-security. Closes: #664964 Suggested-by: Peter Eisentraut <petere@debian.org>
2012-03-08 dpkg-buildflags: Handle unknown architectures gracefully (Guillem Jover, files: 1, lines: -0/+5)
Give a warning and reset the abi-os-cpu tuple to empty strings. Closes: #663004
2011-12-29 dpkg-buildflags: new --query-features command (Kees Cook, files: 1, lines: -0/+5)
Since the logic for having a hardening flag enabled or disabled depends on the architecture, and since the flags may change over time for each hardening feature, there needs to be a way to externally query the state of the hardening features. Specifically, lintian needs this to be able to figure out if a binary package is missing expected hardening features. Instead of maintaining multiple hard-coded lists of expected hardening features, this makes dpkg-buildflags the canonical location of the information, which can be queried externally. (See bug 650536.) Signed-off-by: Kees Cook <kees@debian.org> Signed-off-by: Raphaël Hertzog <hertzog@debian.org>
2011-12-29 Dpkg::Vendor::Debian: refactor compiler hardening logic (Kees Cook, files: 1, lines: -20/+41)
Refactor the hardened compiler flag logic so the "use_feature" variable ends up controlling the final stance of each given hardening feature. Signed-off-by: Kees Cook <kees@debian.org> Signed-off-by: Raphaël Hertzog <hertzog@debian.org>
2011-12-13 Do not use absolute paths for programs in perl and shell code (Guillem Jover, files: 1, lines: -1/+2)
The location of programs on the filesystem is not standardized, and as such using absolute paths is not a portable assumption to make. This causes test suite errors on at least Mac OS X. Use just the program name on perl system() calls, when needing the full path use Dpkg::Path::find_command() in perl code and “which” in shell code. Reported-by: Stuart Ambler <stuart@zulazon.com>
2011-10-14 dpkg-buildflags: Disable bindnow if relro is not used (Guillem Jover, files: 1, lines: -0/+3)
There is no point in enabling full relro (aka bindnow) if relro is not enabled. It just brings its disadvantages and none of its possible advantages.
2011-10-02 dpkg-buildflags: Set preprocessor option -D_FORTIFY_SOURCE=2 in CPPFLAGS (Guillem Jover, files: 1, lines: -2/+1)
Instead of setting it in the CFLAGS and CXXFLAGS variables. Closes: #642521, #643632
2011-09-23 dpkg-buildflags: Disable bind now by default (Guillem Jover, files: 1, lines: -1/+1)
This option has a startup performance hit on slow systems, particularly due to slow I/O, the effects of which cannot be reverted except for a rebuild. It might make sense for long running processes where the startup time is not that important, and the security improvements do actually matter. Another option is to set the environment variable LD_BIND_NOW=1 for the long running process, so that the sysadmin can disable it if desired.
2011-09-08 dpkg-buildflags: emit hardening build flags by default (Raphaël Hertzog, files: 2, lines: -1/+91)
All the hardening build flags supported by hardening-includes are supported except that PIE is not enabled by default (just like the corresponding gcc patch doesn't enable it by default). Inspired by the work of Kees Cook <kees@debian.org>.