Improve security by avoiding buffer overflows

This patch adds compiler flags to improve the security of STX code.
Flags added:
Format string vulnerabilities:           CFLAGS="-Wformat -Wformat-security"
The compiler will treat format-string warnings as errors,
so buffer overflows are avoided at compile time.

Story: 2004380
Task: 28808

Signed-off-by: Luis Botello  <luis.botello.ortega@intel.com>
Reviewed-by: Erich Cordoba <erich.cordoba.malibran@intel.com>
             Victor Rodriguez <vm.rod25@gmail.com>
Suggested-by: Victor Rodriguez <vm.rod25@gmail.com>
              Erich Cordoba <erich.cordoba.malibran@intel.com>

Change-Id: I7e844718e14b35893f9eeb725e32d9d7477f0d57
Luis Botello 2019-01-08 09:34:11 -06:00
parent 7251eec3ba
commit be468f45a7
5 changed files with 13 additions and 12 deletions


@ -34,7 +34,7 @@
EXECS = guest_scale_helper guest_scale_agent
CFLAGS= -g -Wall
CFLAGS= -g -Wall -Wformat -Wformat-security
ODIR=obj
BINDIR=bin
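Review bot: The new `CFLAGS= -g -Wall -Wformat -Wformat-security` line has no `-Werror`, so in this Makefile format-string findings are only printed as warnings and the build still succeeds, which does not match the commit message's statement that they are treated as errors. The same applies to the last hunk (`EXECS= guest_agent server_group_app`). If enforcement is the intent, I would write `CFLAGS= -g -Wall -Wformat -Wformat-security -Werror=format-security` in both files. Note also that `-Wformat-security` only reports format-function calls whose format string is not a literal and which pass no format arguments; it is a format-string check, not a general buffer-overflow defence.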


@ -66,6 +66,7 @@ program_BUILD_OBJS := $(addprefix $(BUILD_DIR)/, $(heartbeat_C_OBJS))
program_BUILD_OBJS += $(addprefix $(BUILD_DIR)/, $(program_C_OBJS))
CFLAGS = -g -O2 -Wall -Werror -Wformat -DSYSCONFDIR=$(sysconfdir)
CFLAGS += -Wformat-security
all: build
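Review bot: The added `CFLAGS += -Wformat-security` is appended to a plain `CFLAGS =` assignment, so a `CFLAGS=...` given on the make command line replaces the whole value and silently drops both `-Werror` and the new flag; the other hunks in this commit build `CFLAGS` the same way. Whether the packaging invokes make with its own `CFLAGS` is not visible here, so this is worth confirming. Keeping the required flags out of the user-tunable value, for example `override CFLAGS += -Wformat -Wformat-security -Werror=format-security`, would let the check survive such an override.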


@ -54,7 +54,7 @@ heartbeat_C_INCLUDES += -I$(CURRENT_DIR)/../../../include
heartbeat_C_SRCS := $(wildcard *.c)
heartbeat_C_OBJS := ${heartbeat_C_SRCS:.c=.o}
CFLAGS = -g -O2 -Wall -Werror -Wformat -DSYSCONFDIR=$(sysconfdir)
CFLAGS = -g -O2 -Wall -Werror -Wformat -DSYSCONFDIR=$(sysconfdir) -Wformat-security
%.o: %.c
$(CC) $(CFLAGS) $(heartbeat_C_INCLUDES) -c $< -o $(BUILD_DIR)/$@ -ljson-c


@ -72,7 +72,7 @@ sample_C_OBJS := ${sample_C_SRCS:.c=.o}
sample_LDLIBS := -L$(BUILD_DIR) -l$(common_NAME) -l$(heartbeat_NAME) -lrt
sample_BUILD_OBJS := $(addprefix $(BUILD_DIR)/, $(sample_C_OBJS))
CFLAGS = -g -O2 -Wall -Werror -Wformat -fPIC -DSYSCONFDIR=$(sysconfdir)
CFLAGS = -g -O2 -Wall -Werror -Wformat -fPIC -DSYSCONFDIR=$(sysconfdir) -Wformat-security
all: build


@ -33,7 +33,7 @@
EXECS= guest_agent server_group_app
CFLAGS= -g -Wall
CFLAGS= -g -Wall -Wformat -Wformat-security
LDFLAGS =
ODIR=obj