Fix _FORTIFY_SOURCE redefinition error

Some systems define _FORTIFY_SOURCE by default. It conflicts with our use
of that macro when --enable-extraprotection is passed to the configuration
script.

The solution is to undefine it before redefining it with value 2.

If a higher _FORTIFY_LEVEL level ever appears, it will have to be used in
this program to benefit from the highest protection possible.

diff --git a/CMakeLists.txt b/CMakeLists.txt
index feb61c6f6aff1f1c069880b1db394e49b5460862..ddda5665b20460ace7fe35d56cd959e49e562f8e 100755 (executable)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -345,7 +345,8 @@ ENDIF(CMAKE_SYSTEM_NAME STREQUAL "solaris")
 OPTION(ENABLE_EXTRA_PROTECT "Enable compile and runtime extra protections" OFF)
 IF(ENABLE_EXTRA_PROTECT)
    GET_TARGET_PROPERTY(TMPCFLAGS sarg COMPILE_FLAGS)
-   SET_TARGET_PROPERTIES(sarg PROPERTIES COMPILE_FLAGS "${TMPCFLAGS} -fstack-protector -D_FORTIFY_SOURCE=2 -Werror")
+   # _FORTIFY_SOURCE may have been defined by the system. It must be undefined before it is changed to the value we want.
+   SET_TARGET_PROPERTIES(sarg PROPERTIES COMPILE_FLAGS "${TMPCFLAGS} -fstack-protector -U _FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -Werror")
 
    CHECK_C_COMPILER_FLAG("-Wformat -Werror=format-security" HAVE_WERROR_FORMAT_SECURITY)
    IF(HAVE_WERROR_FORMAT_SECURITY)

diff --git a/configure.in b/configure.in
index ea192489dff48207953a4f2f7015796be6d27042..c2993b52102eb04e25a31a36e7d122f3281e63fe 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -285,7 +285,8 @@ AS_HELP_STRING([--enable-extraprotection],
 [Enable compile and runtime extra protections]),
 [
     if test "$enableval"; then
-       CFLAGS="${CFLAGS} -fstack-protector -D_FORTIFY_SOURCE=2"
+       # _FORTIFY_SOURCE may have been defined by the system. It must be undefined before it is changed to the value we want.
+       CFLAGS="${CFLAGS} -fstack-protector -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2"
        if test "x$werror_status" != "xfail" ; then
           CFLAGS="${CFLAGS} -Werror"
        fi