Summary: | dev-cpp/notcurses-3.0.8 redefines _FORTIFY_SOURCE (HARDENED-SYSTEM) | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Agostino Sarubbo <ago> |
Component: | Current packages | Assignee: | nick black <dankamongmen> |
Status: | CONFIRMED --- | ||
Severity: | normal | CC: | proxy-maint |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://github.com/dankamongmen/notcurses/issues/2703 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 847148 | ||
Attachments: | build.log |
Description
Agostino Sarubbo
2023-02-05 09:31:59 UTC
Created attachment 849902 [details]
build.log
build log and emerge --info
ought i remove -D_FORTIFY_SOURCE from the upstream source? i'd rather not, since i want it on distros where it's not being injected. if i redefine it to be 3, it ought match the injected gentoo flags, and this issue would go away, right? tracking upstream at https://github.com/dankamongmen/notcurses/issues/2703 (In reply to nick black from comment #2) > ought i remove -D_FORTIFY_SOURCE from the upstream source? i'd rather not, > since i want it on distros where it's not being injected. > I usually suggest that folks add some build system arg to enable/disable hardening. > if i redefine it to be 3, it ought match the injected gentoo flags, and this > issue would go away, right? Our hardened profiles do F_S=3, and normal ones do F_S=2. You could do -U_F_S -D_F_S=3, but it's not very future proof. I'd say the best way is to just give an opt-out for distros where we do it via the toolchain instead, or write own form of https://www.gnu.org/software/autoconf-archive/ax_add_fortify_source.html (there's a PR pending upstream to add F_S=3 support for that). > > tracking upstream at https://github.com/dankamongmen/notcurses/issues/2703 thanks! |