Hi, On 16-12-16 19:26, Julien Muchembled wrote: > The bug in Trac #792 (pointer wrongly truncated as 'int', leading to > segfaults) > would have been understood faster with either > -Werror=implicit or -Werror=format > (and above all, before running buggy executables in production) > > Debian already compiles with -Werror=format-security, and it's indeed a good > idea for a sensitive software like OpenVPN to use it. > --- >> Yes, please! >> >> You can put the macro in m4/ >> > > OK. Not sure about the license. It's GPL3+
GPLv3 is fine as far as I'm aware, and the license is nicely contained in the file, so I think all is good. > I also don't include the latest version, which has (among other changes): > -[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX > +[AC_PREREQ(2.64)dnl for _AC_LANG_PREFIX and AS_VAR_IF Good, 2.59 is reasonable, even RHEL6 has 2.63. Might be good if David or Gert gives this a test run on the build farm before applying though. > configure.ac | 7 +++++ > m4/ax_check_compile_flag.m4 | 74 > +++++++++++++++++++++++++++++++++++++++++++++ > 2 files changed, 81 insertions(+) > create mode 100644 m4/ax_check_compile_flag.m4 > > diff --git a/configure.ac b/configure.ac > index 4f086ea..3357ea0 100644 > --- a/configure.ac > +++ b/configure.ac > @@ -412,6 +412,13 @@ ifdef( > ] > ) > > +AX_CHECK_COMPILE_FLAG([ -Werror=implicit ], [ > + CFLAGS_EXTRA="$CFLAGS_EXTRA -Werror=implicit" > +]) > +AX_CHECK_COMPILE_FLAG([ -Werror=format -Werror=format-security ], [ > + CFLAGS_EXTRA="$CFLAGS_EXTRA -Werror=format -Werror=format-security" > +]) > + Shouldn't there be a CFLAGS="${CFLAGS} ${CFLAGS_EXTRA}" somewhere? Or just use CFLAGS directly, instead of _EXTRA. Without that, I don't see the flags appear in the make output. -Steffan ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel