Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Enable more compile-time and run-time protections which are recommended and used by Debian [1] and Red Hat [2] when building their package bases. [1]: https://wiki.debian.org/Hardening [2]: https://developers.redhat.com/blog/2018/03/21/compiler-and-linker-flags-gcc/ These are quite old compilation flags, only -fstack-protector-strong is supported since GCC 4.9. We might need to support earlier versions for distros like RHEL and CentOS so replace it with -fstack-protector when unavailable. They are usually even enabled by default, but let's make sure that the compiler uses them. Stack canaries are run-time checks for buffer overflows in local variables which are the main source of ROP attacks. FORTIFY_SOURCE is not enabled by default usually. It replaces various standard library functions (strcpy(), memcpy(), etc.) with their buffer-length-aware alternatives where possible. They will abort the program (or compilation) if they detect an obvious buffer overflow for arrays of statically-known size. Immediate binding and read-only relocations prevent some exploits which may redirect functions imported by Themis somewhere different. They also somewhat limit possible effects of accidental memory corruption. macOS/iOS uses different linker flags for relro (-read_only_relocs) but relocations have to be writeable on some platforms (e.g., ARM64) therefore we limit it to Linux only. Another recommended option is using position-independed executable code but since we're a shared library we already build with -fPIC.
- Loading branch information
