[pacman-dev] [PATCH 03/10] Add FORTIFY_SOURCE support

[Allan McRae]

Adds a check for the minimum mainline GCC version for FORTIFY_SOURCE
support and enables -D_FORTIFY_SOURCE=2 by default when building with
--enable-debug.

Signed-off-by: Allan McRae <allan at archlinux.org>
---
 acinclude.m4 |   23 +++++++++++++++++++++++
 configure.ac |    1 +
 2 files changed, 24 insertions(+), 0 deletions(-)

diff --git a/acinclude.m4 b/acinclude.m4
index 1524a3d..80b0ba0 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -4910,6 +4910,29 @@ AC_DEFUN([GCC_STACK_PROTECT_CC],[
   fi
 ])
 
+dnl GCC_FORTIFY_SOURCE_CC
+dnl checks -D_FORTIFY_SOURCE with the C compiler, if it exists then updates
+dnl CFLAGS
+AC_DEFUN([GCC_FORTIFY_SOURCE_CC],[
+  AC_LANG_ASSERT(C)
+  if test "X$CC" != "X"; then
+    AC_MSG_CHECKING(for FORTIFY_SOURCE support)
+    AC_TRY_COMPILE([#include <features.h>], [
+      int main() {
+      #if !(__GNUC_PREREQ (4, 1) )
+      #error No FORTIFY_SOURCE support
+      #endif
+        return 0;
+      }
+    ], [
+      AC_MSG_RESULT(yes)
+      CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2"
+    ], [
+      AC_MSG_RESULT(no)
+  ])
+  fi
+])
+
 dnl GCC_VISIBILITY_CC
 dnl checks -fvisibility=internal with the C compiler, if it exists then
 dnl defines ENABLE_VISIBILITY_CC in both configure script and Makefiles
diff --git a/configure.ac b/configure.ac
index b4570f5..76e36c8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -316,6 +316,7 @@ if test "x$debug" = "xyes" ; then
 	# Check for -fstack-protector availability
 	GCC_STACK_PROTECT_LIB
 	GCC_STACK_PROTECT_CC
+	GCC_FORTIFY_SOURCE_CC
 	CFLAGS="$CFLAGS -g -Wall -Werror"
 else
 	AC_MSG_RESULT(no)
-- 
1.7.3