From 505f27650af670e4b59fedaa320da877c767db76 Mon Sep 17 00:00:00 2001
From: MadCamel <madcamel@gmail.com>
Date: Sun, 31 Mar 2024 19:12:46 -0400
Subject: Updated CFLAGS and LDFLAGS to enable more exploit mitigations TMWA is
 swiss cheese, let's at least make an attempt at mitigating remote
 exploitation by using features of the compiler and linker.

---
 Makefile.in | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Makefile.in b/Makefile.in
index 10f909c..d009ed6 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -288,7 +288,9 @@ else
 override CXX += -std=c++0x
 endif
 
-CXXFLAGS += -fstack-protector
+CXXFLAGS += -fstack-protector-strong -fstack-clash-protection -fPIE -fsanitize=bounds -fsanitize-undefined-trap-on-error
+LDFLAGS += -Wl,-z,relro -Wl,-z,now -Wl,-z,noexecstack -Wl,-z,separate-code
+
 override CXXFLAGS += -fno-strict-aliasing
 override CXXFLAGS += -fvisibility=hidden
 
-- 
cgit v1.2.3-60-g2f50