Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-02-17 06:09:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1913118 - Use -fstrict-flex-arrays=1 in hardened mode r=glandium

Browse Source 
There's no point to activate -fstrict-flex-arrays=3 as there's a lot of
situation where the char [0] syntax is used, including in generated
code.

There's no point to activate -fstrict-flex-arrays=2 as at least sqlite
and icu use the char [1] syntax.

Differential Revision: https://phabricator.services.mozilla.com/D219851
This commit is contained in:
serge-sans-paille 2024-09-17 14:40:24 +00:00
parent ee3ee0a1e7
commit fd62692872
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
build/moz.configure/toolchain.configure
View File

@ -2865,6 +2865,13 @@ def security_hardening_cflags(
if debug:
flags.extend(trivial_auto_var_init)
if (c_compiler.type == "clang" and c_compiler.version >= "16") or (
c_compiler.type == "gcc" and c_compiler.version >= "13"
):
# Cannot use level 3 because we have many uses of the [0] GNU syntax.
# Cannot use level 2 because sqlite3 and icu use the [1] GNU syntax.
flags.append("-fstrict-flex-arrays=1")
# ASLR ------------------------------------------------
# ASLR (dynamicbase) is enabled by default in clang-cl; but the
# mingw-clang build requires it to be explicitly enabled