gnupg-1.4.9 fails checks in new distribution
kssingvo at suse.de
Wed Dec 17 21:13:09 CET 2008
Werner Koch wrote:
> Why are you using these extra options:
> -D_FORTIFY_SOURCE=2 -fstack-protector \
> -funwind-tables -fasynchronous-unwind-tables
They were introduced through use of "$RPM_OPT_FLAGS" in the
specfile. The intention is to make code more robust against
attacks, and therefore the security team of SUSE set them
in the global rpm macros file.
> did you used them also on the old system? The problem is probably due
> to _FORTIFY_SOURCE=2; youu need to debug that.
I'm sure about to use options "-D_FORTIFY_SOURCE=2 -fstack-protector",
but unsure about the other two on older systems.
I think David Shaw already explained, that the issues don't occur
anymore, when using "-O1" instead of "-O2" for comilation of
I changed it as suggested (only compiled rijndael.o), and the issues
were really gone. I therefore filed a new bugzilla entry against gcc:
The bad news is, that profiling the code is no longer possible, when
mixing "-O1" with "-O2" object files. But hopefully the compiler
specialists can find the cause and fix it.
Klaus Singvogel - Maxfeldstr. 5 - 90409 Nuernberg - Germany
GnuPG-Key-ID: 1024R/5068792D 1994-06-27
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
More information about the Gnupg-devel