CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2014/03/29 19:11:00
Modified files:
gnu/gcc/gcc : common.opt toplev.c
Log message:
Change the heuristics of -fstack-protector to select to protect
additional functions --- those that have local array definitions,
or have references to local frame addresses.
Note that upstream uses -fstack-protector-strong and misleads people:
-fstack-protector, -fstack-protector-all, -fstack-protector-strong
can you tell which one is safe?
Luckily, OpenBSD has its own compiler and is able to do the right
thing for security: this is enabled by default, and called
-fstack-protector.
OK deraadt@, miod@. Tested for 3 months.
