diff options
| author | MadCamel <madcamel@gmail.com> | 2024-03-31 19:12:46 -0400 |
|---|---|---|
| committer | MadCamel <madcamel@gmail.com> | 2024-03-31 19:12:46 -0400 |
| commit | 505f27650af670e4b59fedaa320da877c767db76 (patch) | |
| tree | 3ff4bb7d5041ceea5ce15c6a04f392257c2c7b48 | |
| parent | ebf078b9fa81142834dc45e22ea661a61c50d17b (diff) | |
| download | tmwa-compiler_flags.tar.gz tmwa-compiler_flags.tar.bz2 tmwa-compiler_flags.tar.xz tmwa-compiler_flags.zip | |
Updated CFLAGS and LDFLAGS to enable more exploit mitigationscompiler_flags
TMWA is swiss cheese, let's at least make an attempt at mitigating
remote exploitation by using features of the compiler and linker.
| -rw-r--r-- | Makefile.in | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/Makefile.in b/Makefile.in index 10f909c..d009ed6 100644 --- a/Makefile.in +++ b/Makefile.in @@ -288,7 +288,9 @@ else override CXX += -std=c++0x endif -CXXFLAGS += -fstack-protector +CXXFLAGS += -fstack-protector-strong -fstack-clash-protection -fPIE -fsanitize=bounds -fsanitize-undefined-trap-on-error +LDFLAGS += -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -Wl,-z,separate-code + override CXXFLAGS += -fno-strict-aliasing override CXXFLAGS += -fvisibility=hidden |