From 7f3f484a840ef3df5ee8ede266d8bd646f072ac6 Mon Sep 17 00:00:00 2001 From: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com> Date: Fri, 26 Jul 2024 12:44:01 +0100 Subject: [PATCH] fixup! cmake: Add `HARDENING` option Check `-D_FORTIFY_SOURCE` before applying. --- CMakeLists.txt | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b02d75888be4c..af78648f31ddc 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -521,15 +521,21 @@ if(ENABLE_HARDENING) try_append_linker_flag("/HIGHENTROPYVA" TARGET hardening_interface) try_append_linker_flag("/NXCOMPAT" TARGET hardening_interface) else() - # When the build configuration is Debug, all optimizations are disabled. - # However, _FORTIFY_SOURCE requires that there is some level of optimization, - # otherwise it does nothing and just creates a compiler warning. - # Since _FORTIFY_SOURCE is a no-op without optimizations, do not enable it - # when the build configuration is Debug. - target_compile_options(hardening_interface INTERFACE - $<$>:-U_FORTIFY_SOURCE> - $<$>:-D_FORTIFY_SOURCE=3> + try_append_cxx_flags("-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3" + RESULT_VAR cxx_supports_fortify_source ) + if(cxx_supports_fortify_source) + # When the build configuration is Debug, all optimizations are disabled. + # However, _FORTIFY_SOURCE requires that there is some level of optimization, + # otherwise it does nothing and just creates a compiler warning. + # Since _FORTIFY_SOURCE is a no-op without optimizations, do not enable it + # when the build configuration is Debug. + target_compile_options(hardening_interface INTERFACE + $<$>:-U_FORTIFY_SOURCE> + $<$>:-D_FORTIFY_SOURCE=3> + ) + endif() + unset(cxx_supports_fortify_source) try_append_cxx_flags("-Wstack-protector" TARGET hardening_interface SKIP_LINK) try_append_cxx_flags("-fstack-protector-all" TARGET hardening_interface)