[vlc-devel] [PATCH 2/3] configure: activate RELRO when linking for ELF hardening

Rémi Denis-Courmont remi at remlab.net
Mon Nov 13 10:16:44 CET 2017


Le 13 novembre 2017 00:59:47 GMT+02:00, Jean-Baptiste Kempf <jb at videolan.org> a écrit :
>
>-- 
>
>This is activated everytime possible, in all cases. Maybe not in debug
>builds?
>
>---
> configure.ac | 12 ++++++++++++
> 1 file changed, 12 insertions(+)
>
>diff --git a/configure.ac b/configure.ac
>index 75ac6c6144..d438c7808f 100644
>--- a/configure.ac
>+++ b/configure.ac
>@@ -1149,6 +1149,18 @@ AC_CACHE_CHECK([if linker supports -z,defs],
>[ac_cv_ld_z_defs], [
> ])
> AS_IF([test "${ac_cv_ld_z_defs}" = "no"], [VLC_RESTORE_FLAGS])
> 
>+dnl RELRO
>+VLC_SAVE_FLAGS
>+LDFLAGS="${LDFLAGS} -Wl,-z,relro"
>+AC_CACHE_CHECK([if linker supports -z,relro], [ac_cv_ld_z_relro], [
>+  AC_TRY_LINK([],, [
>+    ac_cv_ld_z_relro="yes"
>+  ], [
>+    ac_cv_ld_z_relro="no"
>+  ])
>+])
>+AS_IF([test "${ac_cv_ld_z_relro}" = "no"], [VLC_RESTORE_FLAGS])
>+
> dnl Check for __attribute__((packed))
> AC_CACHE_CHECK([for __attribute__((packed))],
>   [ac_cv_c_attribute_packed],
>-- 
>2.15.0.448.gf294e3d99a
>
>_______________________________________________
>vlc-devel mailing list
>To unsubscribe or modify your subscription options:
>https://mailman.videolan.org/listinfo/vlc-devel

This won't work that well until we constify a lot of structures with pointers (notably vtable-ish ones).
-- 
Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma brièveté.


More information about the vlc-devel mailing list