Hi all.
Fedora recently enabled -Werror=format-security by default for all packages to prevent format string vulnerabilities from appearing. Should we do this as well for libosmocore? openbsc? other (sub)projects as well?
What do you think?
Hi Max,
On Thu, Nov 28, 2013 at 12:59:55PM +0100, ☎ wrote:
Should we do this as well for libosmocore? openbsc? other (sub)projects as well?
Yes, I would consider that a useful change. But please also fix any of the current warnings in the same patchset, so we don't end up with code that doesn't compile anymore...
On Sun, Dec 01, 2013 at 02:31:21PM +0100, Harald Welte wrote:
Hi Max,
On Thu, Nov 28, 2013 at 12:59:55PM +0100, ☎ wrote:
Should we do this as well for libosmocore? openbsc? other (sub)projects as well?
Yes, I would consider that a useful change. But please also fix any of the current warnings in the same patchset, so we don't end up with code that doesn't compile anymore...
Please have a look here[1] for some warnings and how to write tests for checking if the compiler supports them. In the long run I want the jenkins to compile the code with -Werror. We introduce compiler warnings more quickly than the rest of us can fix them.
holger
[1] https://git.gnome.org/browse/folks/tree/configure.ac?id=18c629cf1d40a72c5f9f...
On Mon, Dec 2, 2013 at 2:29 AM, Holger Hans Peter Freyther holger@freyther.de wrote:
On Sun, Dec 01, 2013 at 02:31:21PM +0100, Harald Welte wrote:
Hi Max,
On Thu, Nov 28, 2013 at 12:59:55PM +0100, ☎ wrote:
Should we do this as well for libosmocore? openbsc? other (sub)projects as well?
Yes, I would consider that a useful change. But please also fix any of the current warnings in the same patchset, so we don't end up with code that doesn't compile anymore...
Please have a look here[1] for some warnings and how to write tests for checking if the compiler supports them. In the long run I want the jenkins to compile the code with -Werror. We introduce compiler warnings more quickly than the rest of us can fix them.
[1] https://git.gnome.org/browse/folks/tree/configure.ac?id=18c629cf1d40a72c5f9f...
The list is missing a number of useful flags.
-Wconversion: it's always a surprise when -1 > 1.
-Wcast-align: saves you from violating alignment and bricking your process on a processor that can't perform fixups
-Wtrampolines: executable code on the stack
-Woverloaded-virtual: relevant to C++ code
Plus, you have the standard security options like PIC/PIE, stack protectors, nx stacks, nx heaps, fortify sources, relro (GOT hardening), now (PLT hardening), etc. I'm not sure how much is available to the project due to hardware and implementation restrictions, though.
Jeff
baseband-devel@lists.osmocom.org
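
The two classes of bug named in this thread, as an added example that is not code from the thread or from libosmocore/openbsc: the non-literal format string that -Werror=format-security rejects, and the sign conversion that -Wconversion reports. The names log_msg, render_untrusted, exceeds_one and minus_one_exceeds_one and the sample input are constructed for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical logging wrapper. The format attribute makes GCC and Clang
 * check its callers the same way they check printf(). */
__attribute__((format(printf, 3, 4)))
static int log_msg(char *out, size_t len, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, len, fmt, ap);
    va_end(ap);
    return n;
}

/* Untrusted text must be an argument, never the format string itself. */
int render_untrusted(char *out, size_t len, const char *untrusted)
{
#ifdef DEMO_FORMAT_SECURITY
    /* Non-literal format with no arguments: -Wformat-security warns here,
     * and -Werror=format-security turns that into a build failure. */
    return log_msg(out, len, untrusted);
#else
    return log_msg(out, len, "%s", untrusted);
#endif
}

int exceeds_one(unsigned int v)
{
    return v > 1;
}

/* The int argument is converted to unsigned int at the call, so -1 becomes
 * UINT_MAX and "-1 > 1" holds. In C, -Wconversion reports this call. */
int minus_one_exceeds_one(void)
{
    int v = -1;
    return exceeds_one(v);
}

int main(void)
{
    char buf[64];
    int n = render_untrusted(buf, sizeof buf, "%x.%x.%x"); /* constructed input */
    printf("%d bytes logged verbatim: %s\n", n, buf);
    printf("-1 > 1 after conversion: %d\n", minus_one_exceeds_one());
    return 0;
}
```

Building with -Wformat -Werror=format-security -DDEMO_FORMAT_SECURITY makes the rejected form fail to compile; adding -Wconversion reports the call inside minus_one_exceeds_one.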