diff options
Diffstat (limited to 'sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch')
-rw-r--r-- | sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch | 171 |
1 files changed, 171 insertions, 0 deletions
diff --git a/sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch b/sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch new file mode 100644 index 000000000000..b18fb9f751cf --- /dev/null +++ b/sys-apps/kbd/files/kbd-2.6.3-no-redefine-fortify-source.patch @@ -0,0 +1,171 @@ +https://github.com/legionus/kbd/pull/103 + +From 3392e2038dee97361d7438512653736d72a02109 Mon Sep 17 00:00:00 2001 +From: Sam James <sam@gentoo.org> +Date: Wed, 4 Oct 2023 14:47:33 +0100 +Subject: [PATCH] Use `AX_ADD_FORTIFY_SOURCE` to avoid redefining + `_FORTIFY_SOURCE` + +Some distributions are now setting -D_FORTIFY_SOURCE=3 by default in their +toolchains rather than _F_S=2. By forcing _F_S=2, this causes both a warning +and a downgrade in the effective protection. + +Use the autoconf-archive macro for this purpose (AX_ADD_FORTIFY_SOURCE) +to add the fortification at the highest supported level if the compiler doesn't +already default to it. + +Bug: https://bugs.gentoo.org/892834 +Signed-off-by: Sam James <sam@gentoo.org> +--- + configure.ac | 5 +- + m4/ax_add_fortify_source.m4 | 119 ++++++++++++++++++++++++++++++++++++ + 2 files changed, 122 insertions(+), 2 deletions(-) + create mode 100644 m4/ax_add_fortify_source.m4 + +diff --git a/configure.ac b/configure.ac +index 66023ff8..7fdbe7d6 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -63,13 +63,14 @@ strspn strstr strtol strtoul setpgrp malloc realloc]) + + AC_SEARCH_LIBS([timer_create], [rt]) + ++AX_ADD_FORTIFY_SOURCE ++ + # Optimization level + CC_O_LEVEL="-O2" +-FORTIFY_SOURCE="-D_FORTIFY_SOURCE=2" + + if test "$enable_code_coverage" = yes; then + CC_O_LEVEL="-O0" +- FORTIFY_SOURCE= ++ FORTIFY_SOURCE="-U_FORTIFY_SOURCE" + fi + + case "$GCC,$ac_cv_prog_cc_g" in +diff --git a/m4/ax_add_fortify_source.m4 b/m4/ax_add_fortify_source.m4 +new file mode 100644 +index 00000000..860c1598 +--- /dev/null ++++ b/m4/ax_add_fortify_source.m4 +@@ -0,0 +1,119 @@ ++# =========================================================================== ++# https://www.gnu.org/software/autoconf-archive/ax_add_fortify_source.html ++# =========================================================================== ++# ++# SYNOPSIS ++# ++# AX_ADD_FORTIFY_SOURCE ++# ++# DESCRIPTION ++# ++# Check whether -D_FORTIFY_SOURCE=2 can be added to CPPFLAGS without macro ++# redefinition warnings, other cpp warnings or linker. Some distributions ++# (such as Ubuntu or Gentoo Linux) enable _FORTIFY_SOURCE globally in ++# their compilers, leading to unnecessary warnings in the form of ++# ++# <command-line>:0:0: error: "_FORTIFY_SOURCE" redefined [-Werror] ++# <built-in>: note: this is the location of the previous definition ++# ++# which is a problem if -Werror is enabled. This macro checks whether ++# _FORTIFY_SOURCE is already defined, and if not, adds -D_FORTIFY_SOURCE=2 ++# to CPPFLAGS. ++# ++# Newer mingw-w64 msys2 package comes with a bug in ++# headers-git-7.0.0.5546.d200317d-1. It broke -D_FORTIFY_SOURCE support, ++# and would need -lssp or -fstack-protector. See ++# https://github.com/msys2/MINGW-packages/issues/5803. Try to actually ++# link it. ++# ++# LICENSE ++# ++# Copyright (c) 2017 David Seifert <soap@gentoo.org> ++# Copyright (c) 2019, 2023 Reini Urban <rurban@cpan.org> ++# ++# Copying and distribution of this file, with or without modification, are ++# permitted in any medium without royalty provided the copyright notice ++# and this notice are preserved. This file is offered as-is, without any ++# warranty. ++ ++#serial 10 ++ ++AC_DEFUN([AX_ADD_FORTIFY_SOURCE],[ ++ ac_save_cflags=$CFLAGS ++ ac_cwerror_flag=yes ++ AX_CHECK_COMPILE_FLAG([-Werror],[CFLAGS="$CFLAGS -Werror"]) ++ ax_add_fortify_3_failed= ++ AC_MSG_CHECKING([whether to add -D_FORTIFY_SOURCE=3 to CPPFLAGS]) ++ AC_LINK_IFELSE([ ++ AC_LANG_PROGRAM([], ++ [[ ++ #ifndef _FORTIFY_SOURCE ++ return 0; ++ #else ++ _FORTIFY_SOURCE_already_defined; ++ #endif ++ ]] ++ )], ++ AC_LINK_IFELSE([ ++ AC_LANG_SOURCE([[ ++ #define _FORTIFY_SOURCE 3 ++ #include <string.h> ++ int main(void) { ++ char *s = " "; ++ strcpy(s, "x"); ++ return strlen(s)-1; ++ } ++ ]] ++ )], ++ [ ++ AC_MSG_RESULT([yes]) ++ CFLAGS=$ac_save_cflags ++ CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=3" ++ ], [ ++ AC_MSG_RESULT([no]) ++ ax_add_fortify_3_failed=1 ++ ], ++ ), ++ [ ++ AC_MSG_RESULT([no]) ++ ax_add_fortify_3_failed=1 ++ ]) ++ if test -n "$ax_add_fortify_3_failed" ++ then ++ AC_MSG_CHECKING([whether to add -D_FORTIFY_SOURCE=2 to CPPFLAGS]) ++ AC_LINK_IFELSE([ ++ AC_LANG_PROGRAM([], ++ [[ ++ #ifndef _FORTIFY_SOURCE ++ return 0; ++ #else ++ _FORTIFY_SOURCE_already_defined; ++ #endif ++ ]] ++ )], ++ AC_LINK_IFELSE([ ++ AC_LANG_SOURCE([[ ++ #define _FORTIFY_SOURCE 2 ++ #include <string.h> ++ int main(void) { ++ char *s = " "; ++ strcpy(s, "x"); ++ return strlen(s)-1; ++ } ++ ]] ++ )], ++ [ ++ AC_MSG_RESULT([yes]) ++ CFLAGS=$ac_save_cflags ++ CPPFLAGS="$CPPFLAGS -D_FORTIFY_SOURCE=2" ++ ], [ ++ AC_MSG_RESULT([no]) ++ CFLAGS=$ac_save_cflags ++ ], ++ ), ++ [ ++ AC_MSG_RESULT([no]) ++ CFLAGS=$ac_save_cflags ++ ]) ++ fi ++]) + |