Thanks ! May I have a second review ?
Btw I added a comment to https://bugs.openjdk.java.net/browse/JDK-8130017 describing a bit the "current situation" (minimum gcc 4.8 + "-U_FORTIFY_SOURCE" for lower level OPT-flags (< -O1) ) . Best regards, Matthias > > Looks good, thanks! > > /Erik > > On 2019-05-14 03:16, Baesken, Matthias wrote: > > Hi Erik, here is the updated webrev : > > > > http://cr.openjdk.java.net/~mbaesken/webrevs/8130017.2/ > > > > > > Best regards, Matthias > > > > > >> -----Original Message----- > >> From: Erik Joelsson <erik.joels...@oracle.com> > >> Sent: Freitag, 10. Mai 2019 16:29 > >> To: Baesken, Matthias <matthias.baes...@sap.com>; David Holmes > >> <david.hol...@oracle.com>; 'build-dev@openjdk.java.net' <build- > >> d...@openjdk.java.net> > >> Subject: Re: RFR: 8130017: use _FORTIFY_SOURCE in gcc fastdebug builds - > >> was : RE: gcc FORTIFY_SOURCE application security flags > >> > >> Hello Matthias, > >> > >> I think just -U_FORTIFY_SOURCE should be enough to unset it, no need to > >> also set it to 0. Also, I think it would be good to use an extra set of > >> variables to avoid repeating the flag, like this: > >> > >> ENABLE_FORTIFY_CFLAGS="-D_FORTIFY_SOURCE=2" > >> DISABLE_FORTIFY_CFLAGS="-U_FORTIFY_SOURCE" > >> C_O_FLAG_HIGHEST_JVM="${C_O_FLAG_HIGHEST_JVM} > >> ${ENABLE_FORTIFY_CFLAGS}" > >> ... > >>
