1 dnl 2 dnl Useful macros for autoconf to check for ssp-patched gcc 3 dnl 1.0 - September 2003 - Tiago Sousa <mirage (a] kaotik.org> 4 dnl 1.1 - August 2006 - Ted Percival <ted (a] midg3t.net> 5 dnl * Stricter language checking (C or C++) 6 dnl * Adds GCC_STACK_PROTECT_LIB to add -lssp to LDFLAGS as necessary 7 dnl * Caches all results 8 dnl * Uses macros to ensure correct ouput in quiet/silent mode 9 dnl 1.2 - April 2007 - Ted Percival <ted (a] midg3t.net> 10 dnl * Added GCC_STACK_PROTECTOR macro for simpler (one-line) invocation 11 dnl * GCC_STACK_PROTECT_LIB now adds -lssp to LIBS rather than LDFLAGS 12 dnl 13 dnl About ssp: 14 dnl GCC extension for protecting applications from stack-smashing attacks 15 dnl http://www.research.ibm.com/trl/projects/security/ssp/ 16 dnl 17 dnl Usage: 18 dnl Most people will simply call GCC_STACK_PROTECTOR. 19 dnl If you only use one of C or C++, you can save time by only calling the 20 dnl macro appropriate for that language. In that case you should also call 21 dnl GCC_STACK_PROTECT_LIB first. 22 dnl 23 dnl GCC_STACK_PROTECTOR 24 dnl Tries to turn on stack protection for C and C++ by calling the following 25 dnl three macros with the right languages. 26 dnl 27 dnl GCC_STACK_PROTECT_CC 28 dnl checks -fstack-protector with the C compiler, if it exists then updates 29 dnl CFLAGS and defines ENABLE_SSP_CC 30 dnl 31 dnl GCC_STACK_PROTECT_CXX 32 dnl checks -fstack-protector with the C++ compiler, if it exists then updates 33 dnl CXXFLAGS and defines ENABLE_SSP_CXX 34 dnl 35 dnl GCC_STACK_PROTECT_LIB 36 dnl adds -lssp to LIBS if it is available 37 dnl ssp is usually provided as part of libc, but was previously a separate lib 38 dnl It does not hurt to add -lssp even if libc provides SSP - in that case 39 dnl libssp will simply be ignored. 40 dnl 41 42 AC_DEFUN([GCC_STACK_PROTECT_LIB],[ 43 AC_CACHE_CHECK([whether libssp exists], ssp_cv_lib, 44 [ssp_old_libs="$LIBS" 45 LIBS="$LIBS -lssp" 46 AC_TRY_LINK(,, ssp_cv_lib=yes, ssp_cv_lib=no) 47 LIBS="$ssp_old_libs" 48 ]) 49 if test $ssp_cv_lib = yes; then 50 LIBS="$LIBS -lssp" 51 fi 52 ]) 53 54 AC_DEFUN([GCC_STACK_PROTECT_CC],[ 55 AC_LANG_ASSERT(C) 56 if test "X$CC" != "X"; then 57 AC_CACHE_CHECK([whether ${CC} accepts -fstack-protector], 58 ssp_cv_cc, 59 [ssp_old_cflags="$CFLAGS" 60 CFLAGS="$CFLAGS -fstack-protector -Werror" 61 AC_TRY_COMPILE(,, ssp_cv_cc=yes, ssp_cv_cc=no) 62 CFLAGS="$ssp_old_cflags" 63 ]) 64 if test $ssp_cv_cc = yes; then 65 CFLAGS="$CFLAGS -fstack-protector" 66 AC_DEFINE([ENABLE_SSP_CC], 1, [Define if SSP C support is enabled.]) 67 fi 68 fi 69 ]) 70 71 AC_DEFUN([GCC_STACK_PROTECT_CXX],[ 72 AC_LANG_ASSERT(C++) 73 if test "X$CXX" != "X"; then 74 AC_CACHE_CHECK([whether ${CXX} accepts -fstack-protector], 75 ssp_cv_cxx, 76 [ssp_old_cxxflags="$CXXFLAGS" 77 CXXFLAGS="$CXXFLAGS -fstack-protector -Werror" 78 AC_TRY_COMPILE(,, ssp_cv_cxx=yes, ssp_cv_cxx=no) 79 CXXFLAGS="$ssp_old_cxxflags" 80 ]) 81 if test $ssp_cv_cxx = yes; then 82 CXXFLAGS="$CXXFLAGS -fstack-protector" 83 AC_DEFINE([ENABLE_SSP_CXX], 1, [Define if SSP C++ support is enabled.]) 84 fi 85 fi 86 ]) 87 88 AC_DEFUN([GCC_STACK_PROTECTOR],[ 89 GCC_STACK_PROTECT_LIB 90 91 AC_LANG_PUSH([C]) 92 GCC_STACK_PROTECT_CC 93 AC_LANG_POP([C]) 94 95 AC_LANG_PUSH([C++]) 96 GCC_STACK_PROTECT_CXX 97 AC_LANG_POP([C++]) 98 ]) 99 100
