commit: 93ceed55cd26146919435836599a90e17a5dddba
Author: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org>
AuthorDate: Fri Apr 3 22:37:33 2020 +0000
Commit: Sergei Trofimovich <slyfox <AT> gentoo <DOT> org>
CommitDate: Fri Apr 3 22:37:33 2020 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=93ceed55
sys-libs/glibc: switch -fstack-protector-all to -strong, bug #712356
Package-Manager: Portage-2.3.96, Repoman-2.3.22
Signed-off-by: Sergei Trofimovich <slyfox <AT> gentoo.org>
sys-libs/glibc/glibc-2.29-r8.ebuild | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/sys-libs/glibc/glibc-2.29-r8.ebuild
b/sys-libs/glibc/glibc-2.29-r8.ebuild
index c869cce61d5..c95d7016c40 100644
--- a/sys-libs/glibc/glibc-2.29-r8.ebuild
+++ b/sys-libs/glibc/glibc-2.29-r8.ebuild
@@ -812,7 +812,11 @@ glibc_do_configure() {
myconf+=( --enable-stack-protector=no )
;;
*)
- myconf+=( --enable-stack-protector=$(usex ssp all no) )
+ # Use '=strong' instead of '=all' to protect only
functions
+ # worth protecting from stack smashes.
+ # '=all' is also known to have a problem in IFUNC
resolution
+ # tests: https://sourceware.org/PR25680, bug #712356.
+ myconf+=( --enable-stack-protector=$(usex ssp strong
no) )
;;
esac
myconf+=( --enable-stackguard-randomization )
