use ssp-buffer-size=1 to avoid Werror failures

Build on Ubuntu 10.04 64-bit was failing:

util.c: In function ‘parse_http_time’:
util.c:1370: error: not protecting function: no buffer at least 8 bytes long

We don't want to lose -Werror, and we don't care too much about the
added overhead of protecting even small buffers, so let's simply turn on
SSP for all buffers.

Thanks to Jacob Appelbaum for the pointer and SwissTorExit for the
original report.

Signed-off-by: Andy Isaacson <adi@hexapodia.org>

diff --git a/configure.in b/configure.in
index 07b3ff423b33846e4fab1f63713cdda1b31284eb..46c3c1944e823f94ff855c5b4b300916db21e5e5 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -885,7 +885,7 @@ if test x$enable_gcc_warnings = xyes || test x$enable_gcc_warnings_advisory = xy
     # These warnings break gcc 4.0.2 and work on gcc 4.2
     # XXXX020 Use -fstack-protector.
     # XXXX020 See if any of these work with earlier versions.
-    CFLAGS="$CFLAGS -Waddress -Wmissing-noreturn -Wnormalized=id -Woverride-init -Wstrict-overflow=1"
+    CFLAGS="$CFLAGS -Waddress -Wmissing-noreturn -Wnormalized=id -Woverride-init -Wstrict-overflow=1 --param ssp-buffer-size=1"
     # We used to use -Wstrict-overflow=5, but that breaks us heavily under 4.3.
   fi