wok-next view gcc/stuff/patches/013_all_default-ssp-fix.patch @ rev 21338
OpenSSL 1.0.2t -> 1.0.2u: overflow bug CVE-2019-1551
| author | Erkan Yilmaz <erkan@slitaz.org> |
|---|---|
| date | Sat Dec 21 08:55:46 2019 +0000 (2019-12-21) |
| parents | |
| children |
line source
1 Disable ssp on -nostdlib, -nodefaultlibs and -ffreestanding
2 Change the buffer size.
4 --- a/gcc/gcc.c 2017-07-04 09:15:57.740793000 +0200
5 +++ b/gcc/gcc.c 2018-03-02 13:58:44.387741114 +0100
6 @@ -857,6 +857,12 @@ proper position among the other output f
7 #define LINK_GCC_C_SEQUENCE_SPEC "%G %L %G"
8 #endif
10 +#ifdef ENABLE_DEFAULT_SSP
11 +#define NO_SSP_SPEC "%{nostdlib|nodefaultlibs|ffreestanding:-fno-stack-protector} "
12 +#else
13 +#define NO_SSP_SPEC ""
14 +#endif
15 +
16 #ifndef LINK_SSP_SPEC
17 #ifdef TARGET_LIBC_PROVIDES_SSP
18 #define LINK_SSP_SPEC "%{fstack-protector|fstack-protector-all" \
19 @@ -1131,7 +1148,7 @@ static const char *cc1_options =
20 %{-version:--version}\
21 %{-help=*:--help=%*}\
22 %{!fsyntax-only:%{S:%W{o*}%{!o*:-o %b.s}}}\
23 - %{fsyntax-only:-o %j} %{-param*}\
24 + %{fsyntax-only:-o %j} %{-param*} " NO_SSP_SPEC "\
25 %{coverage:-fprofile-arcs -ftest-coverage}\
26 %{fprofile-arcs|fprofile-generate*|coverage:\
27 %{!fprofile-update=singel:\
28 --- a/gcc/params.def 2016-03-30 09:47:40.000000000 +0200
29 +++ b/gcc/params.def 2016-09-19 12:56:58.443179039 +0200
30 @@ -673,7 +673,7 @@ DEFPARAM (PARAM_INTEGER_SHARE_LIMIT,
31 DEFPARAM (PARAM_SSP_BUFFER_SIZE,
32 "ssp-buffer-size",
33 "The lower bound for a buffer to be considered for stack smashing protection.",
34 - 8, 1, 0)
35 + 4, 1, 0)
37 DEFPARAM (PARAM_MIN_SIZE_FOR_STACK_SHARING,
38 "min-size-for-stack-sharing",