[Privoxy-devel] 0006-enable-lots-of-diagnostics

Lee ler762 at protonmail.com
Thu Aug 3 17:44:17 CEST 2023


I would like feedback on what compiler options to use for hardening privoxy & what diagnostics should be enabled.
-------------- next part --------------
From 6e9372453535311a5f4665274b1a81c87671735c Mon Sep 17 00:00:00 2001
From: Lee <ler762 at users.sourceforge.net>
Date: Sun, 30 Jul 2023 15:01:38 -0400
Subject: [PATCH 6/9] enable lots of diagnostics when building privoxy on
 windows

---
 windows/MYconfigure | 52 +++++++++++++++++++++++++++++++++++++++------
 1 file changed, 46 insertions(+), 6 deletions(-)

diff --git a/windows/MYconfigure b/windows/MYconfigure
index ddc9e798..46492bbf 100755
--- a/windows/MYconfigure
+++ b/windows/MYconfigure
@@ -40,7 +40,7 @@ export LDFLAGS=""
 
 CFLAGS="${CFLAGS} -fdiagnostics-color=always"
 # Use color in diagnostics even if stderr is not going to a terminal.
-# It's nice having warnings in color even if I run a script that does
+# It's nice having warnings in color when I run a script that does
 #   'make 2>&1 | tee  log.make'
 
 CFLAGS="${CFLAGS} -fstack-protector-strong -D_FORTIFY_SOURCE=2"
@@ -92,17 +92,28 @@ LDFLAGS="${LDFLAGS} -Wl,--dynamicbase,--export-all-symbols"
 #   As a workaround, you can pass -Wl,--dynamicbase,--export-all-symbols
 #   NOTE: you can't have both this and profiling (cflags='-pg') enabled!
 
+CFLAGS="${CFLAGS} -fcf-protection=full"
+# Enable checking that target addresses of control-flow transfer instructions are valid.
+# This prevents diverting the flow of control to an unexpected target.
+# This is intended to protect against such threats as
+# Return-oriented Programming (ROP), and similarly call/jmp-oriented
+# programming (COP/JOP).
+
 CFLAGS="${CFLAGS} -Wall"
 # see: http://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html
 # -Wall   doesn't actually turn on all warnings, so add  -Wextra
-#    but then plenty too many complaints by
+CFLAGS="${CFLAGS} -Wextra"
+#  but then plenty too many complaints by
 #      -Wmissing-field-initializers
 #      -Wsign-compare
 #      -Wtype-limits
-#      -Wunused-but-set-parameter
+#      -Wunused-parameter
 #      -Wunused-but-set-variable
-CFLAGS="${CFLAGS} -Wextra -Wno-missing-field-initializers -Wno-sign-compare -Wno-type-limits"
-CFLAGS="${CFLAGS} -Wno-unused-parameter -Wno-unused-but-set-variable"
+CFLAGS="${CFLAGS} -Wno-missing-field-initializers"
+CFLAGS="${CFLAGS} -Wno-sign-compare"
+CFLAGS="${CFLAGS} -Wno-type-limits"
+CFLAGS="${CFLAGS} -Wno-unused-parameter"
+CFLAGS="${CFLAGS} -Wno-unused-but-set-variable"
 
 #-no-# CFLAGS="${CFLAGS} -Wconversion"
 #   way too many warnings for things that don't look like a problem
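Review bot: the comment added with `-fcf-protection=full` does not say which targets the flag takes effect on. The GCC manual describes the implementation as Intel CET on x86 GNU/Linux, while this script configures a Windows build. Please confirm what the mingw toolchain does with the flag (instrumented and enforced, instrumented but not enforced, or accepted and ignored) and record the result in the comment, so the line is not read as an active ROP/COP/JOP mitigation without evidence.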
@@ -117,7 +128,10 @@ CFLAGS="${CFLAGS} -Wno-deprecated-declarations"
 CFLAGS="${CFLAGS} -Wformat=2"
 # -Wformat is enabled by -Wall.
 # -Wformat=2 is equivalent to -Wformat -Wformat-nonliteral -Wformat-security -Wformat-y2k
-#   -Wformat-security : also warn about uses of format functions that represent possible security problems.
+#   -Wformat-nonliteral: warn if the format string is not a string literal and so cannot be checked.
+#   -Wformat-security  : warn about uses of format functions that represent possible security problems.
+#   -Wformat-y2k       : warn about "strftime" formats that may yield only a two‐digit year.
+CFLAGS="${CFLAGS} -Wno-format-nonliteral"
 
 CFLAGS="${CFLAGS} -Wlogical-op"
 # Warn about suspicious uses of logical operators in expressions.
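Review bot: `-Wno-format-nonliteral`, added directly after `-Wformat=2`, switches off the sub-warning that reports format strings the compiler cannot check, and nothing in the hunk says why. With it disabled, a non-literal format is only reported by `-Wformat-security`, which covers the case where the call has no format arguments. Please add a comment giving the reason (for example, which call sites pass a computed format on purpose), or keep the warning on and deal with those call sites individually.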
@@ -126,12 +140,38 @@ CFLAGS="${CFLAGS} -Wshadow"
 # Warn whenever a local variable or type declaration shadows
 # another variable or whenever a built-in function is shadowed.
 
+CFLAGS="${CFLAGS} -Wuninitialized -Winit-self"
+
 #-no-# CFLAGS="${CFLAGS} -Wwrite-strings"
 # These warnings help you find at compile time code that can try to write
 # into a string constant, but only if you have been very careful about
 # using const in declarations and prototypes.
 # >>> Otherwise, it is just a nuisance. <<<  -- this, very much this
 
+############## 2023 Apr 18 debian-devel at lists.debian.org
+############## RFC: More C errors by default in GCC 14 (no more implicit function declarations etc.)
+######### see what happens if the compiler defaults to all this enabled in GCC 14
+#########
+CFLAGS="${CFLAGS} -Werror=implicit-function-declaration"
+# Functions can no longer be called without be declaring first.
+
+CFLAGS="${CFLAGS} -Wno-implicit-int"
+# int types can no longer be omitted in old-style function definitions,
+# function return types, or variable declarations or definitions.
+
+CFLAGS="${CFLAGS} -Werror=int-conversion"
+# Conversion between pointer and integer types without an explicit cast
+# is now a compiler error.
+
+#-no-#CFLAGS="${CFLAGS} -Werror=incompatible-pointer-types"
+#-no-# even one will prevent building and there's way too many in jbsockets.c
+# GCC will no longer automatically convert between pointer values of unrelated
+# pointer types
+
+#########
+##############
+##############
+
 # why does the mingw library _not_ include .a files for libpcre?
 # *sigh* build my own pcre so I can do static linking
 # Get the 8.x PCRE library from
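Review bot: `-Wno-implicit-int` turns the implicit-int diagnostic off, which contradicts the comment beneath it ("int types can no longer be omitted ...") and the `-Werror=` form used for the other two enabled entries in this GCC 14 block. If the aim is to preview the proposed GCC 14 defaults, this looks like it should be `-Werror=implicit-int`; if it is disabled on purpose, mark it `#-no-#` with a reason, as was done for `-Werror=incompatible-pointer-types`. Minor: "without be declaring first" should read "without being declared first", and the new `-Wuninitialized -Winit-self` line is the only addition in this hunk with no explanatory comment.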
-- 
2.39.0


