diff options
Diffstat (limited to 'Mk/Features/fortify.mk')
| -rw-r--r-- | Mk/Features/fortify.mk | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/Mk/Features/fortify.mk b/Mk/Features/fortify.mk new file mode 100644 index 000000000000..2e43ca98242f --- /dev/null +++ b/Mk/Features/fortify.mk @@ -0,0 +1,18 @@ +# This enables mitigations of common memory safety issues, such as buffer +# overflows, by adding checks to functions like memcpy, strcpy, sprintf, +# and others when the compiler can determine the size of the destination +# buffer at compile time. +# +# Depends opon the FORTIFY_SOURCE implementation in the basesystem. + +.if !defined(_FORTIFY_MK_INCLUDED) +_FORTIFY_MK_INCLUDED= yes +FORTIFY_Include_MAINTAINER= netchild@FreeBSD.org + +. if !defined(FORTIFY_UNSAFE) +FORTIFY_SOURCE?=2 +FORTIFY_CFLAGS?= -D_FORTIFY_SOURCE=${FORTIFY_SOURCE} +CFLAGS+= ${FORTIFY_CFLAGS} +CXXFLAGS+= ${FORTIFY_CFLAGS} +. endif +.endif |