gnupg-1.4.9 fails checks in new distribution
Klaus Singvogel
kssingvo at suse.de
Wed Dec 17 21:13:09 CET 2008
Werner Koch wrote:
> Why are you using these extra options:
>
> -D_FORTIFY_SOURCE=2 -fstack-protector \
> -funwind-tables -fasynchronous-unwind-tables
They were introduced through use of "$RPM_OPT_FLAGS" in the
specfile. The intention is to make code more robust against
attacks, and therefore the security team of SUSE set them
in the global rpm macros file.
> did you used them also on the old system? The problem is probably due
> to _FORTIFY_SOURCE=2; youu need to debug that.
I'm sure about to use options "-D_FORTIFY_SOURCE=2 -fstack-protector",
but unsure about the other two on older systems.
I think David Shaw already explained, that the issues don't occur
anymore, when using "-O1" instead of "-O2" for comilation of
rijndael.c.
I changed it as suggested (only compiled rijndael.o), and the issues
were really gone. I therefore filed a new bugzilla entry against gcc:
https://bugzilla.novell.com/show_bug.cgi?id=459921
The bad news is, that profiling the code is no longer possible, when
mixing "-O1" with "-O2" object files. But hopefully the compiler
specialists can find the cause and fix it.
Thanks!
Best regards,
Klaus.
--
Klaus Singvogel - Maxfeldstr. 5 - 90409 Nuernberg - Germany
Phone: +49-911-74053-0
GnuPG-Key-ID: 1024R/5068792D 1994-06-27
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
More information about the Gnupg-devel
mailing list