/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to Makefile

  • Committer: Teddy Hogeborn
  • Date: 2016-03-17 20:40:55 UTC
  • Revision ID: teddy@recompile.se-20160317204055-bhsh5xsidq7w5cxu
Client: Fix plymouth agent; broken since 1.7.2.

Fix an very old memory bug in the plymouth agent (which has been
present since its apperance in version 1.2), but which was only
recently detected at run time due to the new -fsanitize=address
compile- time flag, which has been used since version 1.7.2.  This
detection of a memory access violation causes the program to abort,
making the Plymouth graphical boot system unable to accept interactive
input of passwords when using the Mandos client.

* plugins.d/plymouth.c (exec_and_wait): Fix memory allocation bug when
  allocating new_argv.  Also tolerate a zero-length argv.

Show diffs side-by-side

added added

removed removed

Lines of Context:
15
15
# and <http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html>.
16
16
FORTIFY=-D_FORTIFY_SOURCE=2 -fstack-protector-all -fPIC
17
17
# <https://developerblog.redhat.com/2014/10/16/gcc-undefined-behavior-sanitizer-ubsan/>
18
 
# The sanitizing options are available in GCC 4.9 and above.
19
 
ifeq ($(shell test $(shell $(CC) -dumpversion) \> 4.9-; echo $$?),0)
20
 
SANITIZE:=-fsanitize=address -fsanitize=undefined -fsanitize=shift \
21
 
        -fsanitize=integer-divide-by-zero -fsanitize=unreachable \
22
 
        -fsanitize=vla-bound -fsanitize=null -fsanitize=return \
23
 
        -fsanitize=signed-integer-overflow
24
 
# GCC 5.3 has some more sanitizing options
25
 
ifeq ($(shell test $(shell $(CC) -dumpversion) \> 5.3-; echo $$?),0)
26
 
SANITIZE+=-fsanitize=bounds -fsanitize=alignment \
27
 
        -fsanitize=object-size -fsanitize=float-divide-by-zero \
28
 
        -fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
29
 
        -fsanitize=returns-nonnull-attribute -fsanitize=bool \
30
 
        -fsanitize=enum
31
 
endif
32
 
else
33
 
SANITIZE:=
34
 
endif
 
18
ALL_SANITIZE_OPTIONS:=-fsanitize=address -fsanitize=undefined \
 
19
        -fsanitize=shift -fsanitize=integer-divide-by-zero \
 
20
        -fsanitize=unreachable -fsanitize=vla-bound -fsanitize=null \
 
21
        -fsanitize=return -fsanitize=signed-integer-overflow \
 
22
        -fsanitize=bounds -fsanitize=alignment \
 
23
        -fsanitize=object-size -fsanitize=float-divide-by-zero \
 
24
        -fsanitize=float-cast-overflow -fsanitize=nonnull-attribute \
 
25
        -fsanitize=returns-nonnull-attribute -fsanitize=bool \
 
26
        -fsanitize=enum
 
27
# Check which sanitizing options can be used
 
28
SANITIZE:=$(foreach option,$(ALL_SANITIZE_OPTIONS),$(shell \
 
29
        echo 'int main(){}' | $(CC) --language=c $(option) /dev/stdin \
 
30
        -o /dev/null >/dev/null 2>&1 && echo $(option)))
35
31
LINK_FORTIFY_LD=-z relro -z now
36
32
LINK_FORTIFY=
37
33
 
44
40
OPTIMIZE=-Os -fno-strict-aliasing
45
41
LANGUAGE=-std=gnu11
46
42
htmldir=man
47
 
version=1.7.1
 
43
version=1.7.6
48
44
SED=sed
49
45
 
50
46
USER=$(firstword $(subst :, ,$(shell getent passwd _mandos || getent passwd nobody || echo 65534)))
51
 
GROUP=$(firstword $(subst :, ,$(shell getent group _mandos || getent group nobody || echo 65534)))
 
47
GROUP=$(firstword $(subst :, ,$(shell getent group _mandos || getent group nogroup || echo 65534)))
52
48
 
53
49
## Use these settings for a traditional /usr/local install
54
50
# PREFIX=$(DESTDIR)/usr/local