Package: liboprf
Version: 0.4.0-1
Severity: normal
Tags: patch
Hello, looks like the code is setting FORTIFY_SOURCE=2 directly from makefile,
not allowing to override
it from outside.
This is a build issue when people defaults e.g. to 3, something already done by
some distros, e.g. Ubuntu.
I took the liberty to patch the code and commit the patch on git
Description: Don't force fortify_source, we default to 3 in some architectures
Author: Gianfranco Costamagna <locutusofb...@debian.org>
Last-Update: 2024-12-11
--- liboprf-0.4.0.orig/src/noise_xk/example/makefile
+++ liboprf-0.4.0/src/noise_xk/example/makefile
@@ -6,7 +6,7 @@ CFLAGS += -I../.. -I../include -I ../in
-Wno-unknown-warning-option
-Wno-unused-but-set-variable \
-Wno-unused-parameter -Wno-infinite-recursion
-fPIC \
-g -fwrapv -D_BSD_SOURCE -D_DEFAULT_SOURCE
-DWITH_SODIUM \
- -O2 -fstack-protector-strong
-D_FORTIFY_SOURCE=2 \
+ -O2 -fstack-protector-strong \
-fasynchronous-unwind-tables -fpic
-Werror=format-security \
-Werror=implicit-function-declaration
-Wl,-z,defs -Wl,-z,relro \
-ftrapv -Wl,-z,noexecstack
--- liboprf-0.4.0.orig/src/noise_xk/makefile
+++ liboprf-0.4.0/src/noise_xk/makefile
@@ -7,7 +7,7 @@ CFLAGS += -Iinclude -I include/karmel -
-Wno-unknown-warning-option
-Wno-unused-but-set-variable \
-Wno-unused-parameter -Wno-infinite-recursion
-fpic \
-g -fwrapv -D_BSD_SOURCE -D_DEFAULT_SOURCE
-DWITH_SODIUM \
- -O2 -fstack-protector-strong
-D_FORTIFY_SOURCE=2 \
+ -O2 -fstack-protector-strong \
-fasynchronous-unwind-tables -fpic \
-Werror=format-security
-Werror=implicit-function-declaration \
-ftrapv
Thanks,
Gianfranco
