RFR: 8130017: use _FORTIFY_SOURCE in gcc fastdebug builds - was : RE: gcc FORTIFY_SOURCE application security flags
Baesken, Matthias
matthias.baesken at sap.com
Thu May 9 14:14:03 UTC 2019
Hello,
I tried setting
"-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=0"
And this seems indeed to work , no warning any more .
Let's hope gcc does not change the command line parsing .
Btw. is there a gcc version that a) still compiles jdk/jdk and b) would show the issue ?
(with our internally used gcc's we are always > 4.6 in jdk/jdk )
Best regards, Matthias
> -----Original Message-----
> From: Erik Joelsson <erik.joelsson at oracle.com>
> Sent: Donnerstag, 9. Mai 2019 15:18
> To: Baesken, Matthias <matthias.baesken at sap.com>; David Holmes
> <david.holmes at oracle.com>; 'build-dev at openjdk.java.net' <build-
> dev at openjdk.java.net>
> Subject: Re: RFR: 8130017: use _FORTIFY_SOURCE in gcc fastdebug builds -
> was : RE: gcc FORTIFY_SOURCE application security flags
>
> Hello,
>
> I just tried this and you are correct. However, it does seem to work if
> you instead use -U_FORTIFY_SOURCE.
>
> /Erik
>
> On 2019-05-09 05:36, Baesken, Matthias wrote:
> > Hi Erik, while setting -O<x> and -O<y> (with x != y ) in one gcc/g++
> command line call works ,
> > setting together -D_FORTIFY_SOURCE=2 and -D_FORTIFY_SOURCE=0
> in one command line call generates a warning , so I think we cannot do that .
> >
> >
> > Best regards, Matthias
> >
More information about the build-dev
mailing list