From: Todd C. Miller Date: Thu, 28 Apr 2016 21:27:53 +0000 (-0600) Subject: Remove the check for __sprintf_chk when checking for _FORTIFY_SOURCE, X-Git-Tag: SUDO_1_8_17^2~127 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9d5c6fbd64e196b2c9c298a93545b0d685b7feb6;p=sudo Remove the check for __sprintf_chk when checking for _FORTIFY_SOURCE, Some implementations are purely header-file based. As long as we can link a test program using sprintf() when _FORTIFY_SOURCE=2 it should be safe to use. --- diff --git a/configure b/configure index 0a1a0b236..7037f293c 100755 --- a/configure +++ b/configure @@ -18271,48 +18271,6 @@ esac fi done -if test "$enable_hardening" != "no"; then - found=false - O_CPPFLAGS="$CPPFLAGS" - - case "${CPPFLAGS}" in - *"-D_FORTIFY_SOURCE=2"|*"-D_FORTIFY_SOURCE=2 ") - ;; - *) - if test X"${CPPFLAGS}" = X""; then - CPPFLAGS="-D_FORTIFY_SOURCE=2" - else - CPPFLAGS="${CPPFLAGS} -D_FORTIFY_SOURCE=2" - fi - ;; - esac - - ac_fn_c_check_func "$LINENO" "__sprintf_chk" "ac_cv_func___sprintf_chk" -if test "x$ac_cv_func___sprintf_chk" = xyes; then : - - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ - -int -main () -{ -char buf[4]; (void)sprintf(buf, "%s", "foo"); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - found=true -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext - -fi - - if test X"$found" != X"true"; then - CPPFLAGS="$O_CPPFLAGS" - fi -fi utmp_style=LEGACY for ac_func in getutxid getutid 
@@ -23346,6 +23304,77 @@ EOF fi +if test "$enable_hardening" != "no"; then + O_CPPFLAGS="$CPPFLAGS" + + case "${CPPFLAGS}" in + *"-D_FORTIFY_SOURCE=2"|*"-D_FORTIFY_SOURCE=2 ") + ;; + *) + if test X"${CPPFLAGS}" = X""; then + CPPFLAGS="-D_FORTIFY_SOURCE=2" + else + CPPFLAGS="${CPPFLAGS} -D_FORTIFY_SOURCE=2" + fi + ;; + esac + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether _FORTIFY_SOURCE may be specified" >&5 +$as_echo_n "checking whether _FORTIFY_SOURCE may be specified... " >&6; } +if ${sudo_cv_use_fortify_source+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + + +int +main () +{ +char buf[4]; (void)sprintf(buf, "%s", "foo"); + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + sudo_cv_use_fortify_source=yes +else + sudo_cv_use_fortify_source=no + +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + sudo_cv_use_fortify_source=yes +else + sudo_cv_use_fortify_source=no + +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $sudo_cv_use_fortify_source" >&5 +$as_echo "$sudo_cv_use_fortify_source" >&6; } + if test "$sudo_cv_use_fortify_source" != yes; then + CPPFLAGS="$O_CPPFLAGS" + fi +fi + ac_c_werror_flag=yes diff --git a/configure.ac b/configure.ac index 263b7aad3..3117cf993 100644 --- a/configure.ac +++ b/configure.ac 
@@ -2447,20 +2447,6 @@ AC_CHECK_FUNCS([reallocarray], [], [ AC_LIBOBJ(reallocarray) SUDO_APPEND_COMPAT_EXP(sudo_reallocarray) ]) -dnl -dnl If libc supports _FORTIFY_SOURCE check functions, use it. -dnl -if test "$enable_hardening" != "no"; then - found=false - O_CPPFLAGS="$CPPFLAGS" - SUDO_APPEND_CPPFLAGS(-D_FORTIFY_SOURCE=2) - AC_CHECK_FUNC([__sprintf_chk], [ - AC_LINK_IFELSE([AC_LANG_PROGRAM([[]], [[char buf[4]; (void)sprintf(buf, "%s", "foo");]])], [found=true], []) - ], []) - if test X"$found" != X"true"; then - CPPFLAGS="$O_CPPFLAGS" - fi -fi utmp_style=LEGACY AC_CHECK_FUNCS([getutxid getutid], [utmp_style=POSIX; break]) @@ -3804,6 +3790,35 @@ SUDO_VARDIR SUDO_IO_LOGDIR SUDO_TZDIR +dnl +dnl Attempt to use _FORTIFY_SOURCE with sprintf. If the headers support +dnl it but libc does not, __sprintf_chk should be an undefined symbol. +dnl +if test "$enable_hardening" != "no"; then + O_CPPFLAGS="$CPPFLAGS" + SUDO_APPEND_CPPFLAGS(-D_FORTIFY_SOURCE=2) + AC_CACHE_CHECK([whether _FORTIFY_SOURCE may be specified], + [sudo_cv_use_fortify_source], + [AC_LINK_IFELSE([ + AC_LANG_PROGRAM( + [[]], [[char buf[4]; (void)sprintf(buf, "%s", "foo");]] + )], + [sudo_cv_use_fortify_source=yes], + [sudo_cv_use_fortify_source=no] + ) + ] + [AC_LINK_IFELSE( + [AC_LANG_PROGRAM([[]], [[]])], + [sudo_cv_use_fortify_source=yes], + [sudo_cv_use_fortify_source=no] + ) + ] + ) + if test "$sudo_cv_use_fortify_source" != yes; then + CPPFLAGS="$O_CPPFLAGS" + fi +fi + dnl dnl Turn warnings into errors. dnl All compiler/loader tests after this point will fail if
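Review bot: In the new `AC_CACHE_CHECK` body there is no comma between the two bracketed `AC_LINK_IFELSE` calls, so both run as the commands argument and the second one, which links an empty program, overwrites the `sudo_cv_use_fortify_source` value set by the sprintf() test. The generated `configure` hunk in this same commit shows this: the empty-`main` link test assigns yes/no after the first test, so the result is `yes` whenever any program links and `-D_FORTIFY_SOURCE=2` is never rolled back. The sprintf() test also has an empty prologue (`[[]]`), so `<stdio.h>` is not included and a header-based fortify implementation presumably never redirects the call to `__sprintf_chk`, which is the case the new comment says it detects. I would drop the second `AC_LINK_IFELSE` block and write the first program as `AC_LANG_PROGRAM([[#include <stdio.h>]], [[char buf[4]; (void)sprintf(buf, "%s", "foo");]])`. As written, a libc that lacks the `_chk` symbols would surface as a link failure during the build rather than being caught at configure time.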