Bugzilla – Bug 725
stack protector check stymied by -D_FORTIFY_SOURCE=2 + AC_LANG_WERROR
Last modified: 2015-11-01 15:24:11 MST
Created attachment 463 [details] fix -fstack-protector scanning The stack protector check turns optimization off to prevent the entire program being optimized out, but unfortunately also runs under AC_LANG_WERROR and (if --enable-hardening) under -D_FORTIFY_SOURCE=2. If you compile without -O and with -D_FORTIFY_SOURCE, you get this warning: In file included from /usr/include/stdio.h:27:0, from conftest.c:174: /usr/include/features.h:327:4: warning: #warning _FORTIFY_SOURCE requires compiling with optimization (-O) [-Wcpp] # warning _FORTIFY_SOURCE requires compiling with optimization (-O) ^ which AC_LANG_WERROR then promotes to an error, forcing all the stack-protector tests to fail. Patch fixing it (by undefining _FORTIFY_SOURCE around the check) attached.
I think it is best to just clear CPPFLAGS for the stack protector test.
Yeah, that's probably just as good. My only worry is that the user-specified CPPFLAGS, like the user-specified CFLAGS and LDFLAGS, might contain things that are necessary to compile anything at all on that system. However, this is much less likely for CPPFLAGS than the other two, since this program has no headers to speak of, so you'll probably get away with just clearing it even on really strange systems. :)
fixed by http://www.sudo.ws/repos/sudo/rev/1a9f8571a82d
Fixed in sudo 1.8.15