On Fri, Jan 11, 2019 at 7:56 PM 隆春 <longchun...@alibaba-inc.com> wrote: > > commit(2a61f4747eeaa85ce26ca9fbd81421b15facd018)rename CC_STACKPROTECTOR_NONE > config. but unfortunately if the compiler support option -fno-stack-protector, > CC_HAS_STACKPROTECTOR_NONE will not be disabled. > > CC_HAS_STACKPROTECTOR_NONE and CC_STACKPROTECTOR_STRONG will be enabled at > once, > as the following conditions: > 1. gcc support -fno-stack-protector & -fstack-protector-strong > 2. enabled CC_STACKPROTECTOR_STRONG & STACKPROTECTOR > 3. disabled CC_HAS_STACKPROTECTOR_NONE
While it's not very obvious, it's safe to include both -fno-stack-protector and -fstack-protector* on the gcc command line since the latter one is the only one that is used. Are you seeing miscompilation or error conditions without this patch? -Kees -- Kees Cook
